On Wednesday afternoon, Yuri Sorokin confirmed that an attack on his firm did indeed occur and compromised tens of thousands of API keys. Sorokin’s company, 3Commas, has been attributing unauthorized transactions resulting from the leaked API keys to individual phishing attacks since early December.
Sorokin Confirms 3Commas API Leak
In a Twitter thread published on Wednesday afternoon, Yuri Sorokin, the CEO of 3Commas, confirmed that API keys connected to his company have been leaked. The confirmation came after an anonymous user published 10,000 keys on the platform and announced they had acquired around 100,000 keys belonging to 3Commas’ users.
Sorokin asked 3Commas-supported exchanges like Binance and Kucoin to revoke all keys related to his company. He also explained that the firm is examining whether the attack was an inside job and that it took its first step toward solving the issue as early as November 19th.
3Commas’ CEO stated his company would be launching a full investigation into the matter and ended by saying that the firm already implemented new security measures and apologized that it took them so long to communicate in a transparent fashion.
As recently as December 11th, the company was still trying to pin unauthorized activity reported by its users on individual phishing attacks. 3Commas’ users are confirmed to have lost at least $6 million due to the leak, through attacks that started as early as October.
Anon Announces They Obtained 100,000 3Commas API Keys
Earlier on Wednesday, an anonymous user on Twitter announced they’ve acquired close to 100,000 API keys of 3Commas’ users and published a document containing around 10,000 of them. While 3Commas initially remained silent on the leak, Binance’s CEO Changpeng Zhao warned that users should disable their potentially compromised keys and stated he is reasonably sure the published database is legitimate.
On-chain researcher ZachXBT, who recently identified four wallets used by Alameda Research to store Bitcoin after its recent asset shuffling, has also been tracking and reporting on the 3Commas leak since early December. On Wednesday, the user reported that three of the verified victims of the leak found their API keys in the published database.
There have been multiple hacks, exploits, and other attacks targeting cryptocurrency platforms throughout 2022. Some firms, like Binance when its BNB chain was targeted in October, have been quick to report on the events. Others, like BIT Mining, made cyberattacks targeting them public knowledge weeks after they occurred.
Authorities have also been ramping up their efforts against attackers targeting cryptocurrency platforms. On December 27th, reports came out that confirmed that Avraham Eisenberg, best known for exploiting Mango Markets in October, is facing criminal charges due to said attack, and has already been arrested in the District of Puerto Rico.
About the author
Tim Fries is the cofounder of The Tokenist. He has a B. Sc. in Mechanical Engineering from the University of Michigan, and an MBA from the University of Chicago Booth School of Business. Tim served as a Senior Associate on the investment team at RW Baird’s US Private Equity division, and is also the co-founder of Protective Technologies Capital, an investment firm specializing in sensing, protection and control solutions.