Binance CEO Changpeng Zhao said he's "reasonably sure" there were "wide spread API key leaks" from trading-bot platform 3Commas after fresh speculation about an October incident emerged on social media on Wednesday.
"I strongly believe @tier10k is correct here," he wrote on Twitter, referring to a post from a user that said an API leak had been published. "If you have ever put an API key in 3Commas (from any exchange), please disable it immediately."
Now, 3Commas CEO Yuriy Sorokin has confirmed the leak, addin that no proof was found that the leak was an inside job.
1. Statement from 3Commas:We saw the hacker’s message and can confirm that the data in the files is true. As an immediate action, we have asked that Binance, Kucoin, and other supported exchanges revoke all the keys that were connected to 3Commas.
2. We did everything that we could to investigate an inside job, as it was always a possible scenario and on our watch list, but proof of an inside job was not found.
3. Only a small number of technical employees had access to the infrastructure and we have taken action since November 19 to remove their access.
4. Since then, we have implemented new security measures and will not stop there; we are launching a full investigation involving law enforcement.
We are sorry that this has gotten so far and will continue to be transparent in our communications around the situation.
Related News:
Anonymous Twitter User Leaks Alleged 3Commas API Database
3Commas API Dispute Highlights Risks of Algorithmic Trading
3Commas Announced Update on Investigation Into API Keys and Attacks on Exchanges
3Commas Denies Accusations of Leaking API Data Resulting in $14.8M in ‘Unauthorized Trades’
All Comments