Key takeaways:
- 3Commas is on “heightened alert” following the hacking of some of its users’ accounts and the subsequent use of those accounts to execute trades.
- According to 3Commas, most accounts with unauthorized trades had no two-factor authentication (2FA) setup.
3Commas, a provider of cryptocurrency trading bots, is on “heightened alert” following the hacking of some of its users’ accounts and the subsequent use of those accounts to execute trades.
In a blog post on October 8, co-founder and CEO of 3Commas, Yuriy Sorokin, stated that the company has received reports from users about unauthorized trades occurring on their accounts after changing their passwords.
According to an investigation, “only a few customer accounts” were accessed, and unapproved trades were executed. The number of impacted users was not made public by 3Commas. They would continue “with our investigation into this matter,” Sorokin stated. Sorokin went on to say:
“Please note, however, that in the meantime, our services are running normally, and we will continue to operate in a state of heightened alert.”
According to 3Commas, most accounts with unauthorized trades had no two-factor authentication (2FA) setup. It claimed that neither passwords nor user API data had been obtained.
The company said it had changed how passwords are reset and stopped API connections once a user refreshed their password as extra security measures. Two-factor authentication should be enabled, and users should update their passwords frequently.
The company disclosed an incident from October 2022 in which user API keys had been compromised, resulting in unauthorized trades on victim accounts.
At first, Sorokin and 3Commas claimed there had been no breach and instead asserted that some of their clients had been phished. Later, it gave in, and Sorokin acknowledged that 3Commas had leaked an API.
Users of 3Commas who were impacted by the API breach demanded refunds and an apology for gaslighting them.
Regarding the most recent instance, Sorokin expressed regret that such an incident had occurred. To prevent or reduce similar future accidents, he further stated that 3Commas is enhancing its security.
The cryptocurrency assets that were taken by a hacker in late September have been recovered by cryptocurrency exchange HTX, formerly known as Huobi. In an interesting turn of events, HTX has also kept its word to provide the hacker a 5% white hat bonus after recovering the stolen money.