A security alert has recently been issued by 3Commas, an automated cryptocurrency trading bot provider. The alert was issued by 3Commas following the identification of certain FTX API keys.
The provider has reported that the particular keys are being used by exploiters in order to perform trades. The data provided by 3Commas confirms that the trades being performed are unauthorized.
These particular trades are being performed through the FTX exchange and involve the trading pairs of DMG.
Joint Investigation
The reports confirm that the teams at the FTX exchange and 3Commas have carried out a joint investigation.
The investigation is surrounding the DMG cryptocurrency whose pairs are being traded unauthorized. The initial report has confirmed that the unauthorized transactions have been processed through FTX.
The report shows that the 3Commas accounts were used by hackers on the FTX exchange to perform trades that involved DMG.
3Commas did not lose any API Keys
3Commas teams have confirmed that none of the API keys used in the process were taken from the 3Commas platform. An outside platform was used by the hackers to perform the transactions.
The preliminary report has revealed that the hackers had set up fraudulent websites for the purpose. These fraudulent websites pretended to be 3Commas and as a result, they were phishing API keys.
As the FTX users connected their accounts with the fraudulent 3Commas websites, the hackers phished the API keys of these users.
Later, the hackers used these API keys in order to gain access to the FTX platform and performed unauthorized trades for DMG.
In addition to using fraudulent websites, the hackers also used third-party platforms to lure people. These third-party platforms could have been malware and browser extensions.
The purpose of the malware would be to deprive the users of the API keys.
Announcement by 3Commas
3Commas also issued a statement from their end to clarify and reiterate their position to the entire community.
The 3Commas officials confirmed that they have not been victimized by the hackers and none of their security databases have been breached by the hackers.
Therefore, they can confirm that the hackers were neither able to steal the API keys nor they were able to breach the security databases of the 3Commas accounts.
3Commas further clarified that none of their customers or clients have been affected or impacted by the incident.
Action Taken by FTX and 3Commas
The officials at 3Commas and FTX exchange have confirmed that they carried out their investigation and established the breached API keys.
They have already suspended the API keys so any further losses could be avoided.
To ensure that no disruptions are faced with active trades, the users create a new API key through FTX and then proceed with linking it with 3Commas.
As a result of the announcement by 3Commas, the trading price of the FTX tokens rose by 7%. At the time of writing, the trading price of 3Commas is at $25.62.