FTX API Keys Associated With 3Commas Exploited: Details
- A joint investigation led by FTX and crypto trading bot platform 3Commas confirmed that the API keys connected with the latter were stolen via a phishing attack or hack.
- The 3Commas team confirmed that there was no security breach in the database of the crypto trading bot platform and, as a result, all the crucial information remains safe.
- The bad actors supposedly recreated the 3Commas website and phished users who failed to distinguish between the official site and the unofficial one.
The crypto market turned into a playground for scammers as October recorded an extremely high number of hacks and exploits. One of them was the recent exploit of FTX API keys that were connected to 3Commas, a trading-bot platform. A joint investigation led by the two crypto-focused platforms confirmed that, following the exploit, the application programming interface (API) was used to conduct unauthorized trades for DMG trading pairs on the leading crypto exchange.
According to several reports, the first confirmation of the incident came on Oct. 20, when the 3Commas team was informed that FTX API keys connected to the trading bot platform had been used to initiate unauthorized transactions, and that these keys were not obtained from legitimate sources. It was clear that the keys were obtained through a third-party phishing attack or hack, as per the official blog post from the platform.
“On the 20th of October, the 3Commas team was alerted to an incident that occurred where a number of FTX API keys connected to 3Commas and used to perform unauthorized trades for DMG cryptocurrency trading pairs on FTX exchange accounts. 3Commas has been informed that traders who have never used 3Commas were also affected by what appears to be a 3rd party phishing or hacking attack of some kind,” read the blog post.
The collaborative investigation led by the third biggest crypto exchange by market cap and the trading bot platform revealed that the unauthorized transactions for the DMG trading pairs on FTX were initiated via new 3Commas accounts that were created for the purpose of draining funds. Additionally, it was clear that the keys were not taken from 3Commas; their source was somewhere outside the platform.
In an update on Oct. 22, the 3Commas team told its audience and users that there was no security breach and that the platform's database was safe and sound. The API keys belonging to other users were also safe, which confirms the possibility that a phishing attack was responsible for the unauthorized transactions being placed.
The team further confirmed that it is in close contact with the victims of this third-party attack and is working with them to provide assistance and gather more information.
Following the investigation in collaboration with FTX, the platform found several fake 3Commas websites that could have been used for phishing attacks and for taking important data from users. The blog post stated that by replicating the design of the 3Commas web interface, the bad actors captured API keys from 3Commas users that had “accidentally used the fake website to try and connect their exchange accounts.”
In light of similar events, it is crucial to note that a smart contract on the popular DeFi platform Olympus DAO was exploited and $300,000 was stolen from it.