US law enforcement officers have launched an investigation into the leak of API keys for users of the 3Commas algorithmic trading platform for digital assets. This is reported CoinDesk.
According to the publication, at least two customers of the service were contacted by representatives of the office FBI in Cincinnati.
Earlier it became known that about 100,000 API keys related to large exchanges like Binance and KuCoin fell into the hands of an attacker. The hacker claimed that the user data was sold to him by a platform employee.
1) We have seen the hacker’s message and can confirm that the data in the files is true. As an immediate action, we have requested that Binance, Kucoin and other supported exchanges revoke all keys that were connected to 3Commas. pic.twitter.com/ZMuzCqeF1j
— 3Commas (@3commas_io) December 28, 2022
“3Commas emphasizes that the internal investigation found no evidence that any of the 3Commas employees were in any way involved in attacks on API data,” said Yury Sorokin, co-founder and CEO of the company.
According to him, the most likely attack vector is phishing or the introduction of malicious code into the platform software. Their own investigation found no “compromised code or security breaches,” Sorokin said.
3Commas API keys were compromised back in October. Attackers used access to make unauthorized transactions in user accounts.
The victims formed a group of about 60 people, according to CoinDesk. Previously, they contacted the US Secret Service and other law enforcement agencies to find out where their funds went missing. Association leader Edmundo Peña estimated the total losses at least $20 million.
Recall that after the October attack, FTX founder Sam Bankman-Fried suggested that hackers voluntarily return 95% of the stolen funds of exchange users. Their damage exceeded $6 million.
Read CryptoNewsHerald bitcoin news in our Telegram – Cryptocurrency news, courses and analytics.
Found a mistake in the text? Select it and press CTRL+ENTER