Home » Business » Binance CEO warns of dangerous API data breach

Binance CEO warns of dangerous API data breach

Binanza CEO Changpeng Zhao says he is “pretty sure” that the API keys of trading bot platform 3Commas have been leaked. A 3Commas representative has since confirmed that the company received a message from a hacker and that the leaked data is real.

Remove immediately

Zhao’s message is therefore to warn people to remove the keys in question as soon as possible. “If you ever enter an API key into 3Commas (from any exchange), delete it immediately. Stay safe,” Zhao said of the vulnerability.

If your keys are linked to 3Commas, it is possible that hackers are controlling your funds. In principle, they cannot steal goods directly, but indirectly they can. By first buying tokens with your wallets that have almost no volume and then selling them at much higher prices.

This is the dangerous thing about sharing API keys on a platform like Binance. It seems like a safe and interesting idea, until the platform behind the trading bot is hacked. Now that’s the case, so much so that many people’s keys are no longer safe. Let’s hope the damage is minor.

Investigation launched

3Commas is investigating and has previously discovered that the API keys of the already fallen FTX have been used for unauthorized operations. The 3Commas team had already been informed on October 20th. At the time, they indicated that the keys weren’t leaked through 3Commas itself, but likely through a third party.

Now even 3Commas itself confirms that the keys have been leaked. “To take immediate action, we have asked Binance, KuCoin and other exchanges to revoke all keys associated with 3Commas,” a representative said:

“Only a small part of the technical staff had access to the infrastructure and after November 16th we have already taken steps to completely block this access. New security measures have since been implemented and it won’t stop there. We have launched a full investigation.”

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.