A group of traders last week said that $22 million worth of crypto had been stolen through compromised API keys from the trading platform 3Commas. On Wednesday, 3Commas admitted it was the source of that API leak. The announcement came after an anonymous Twitter user obtained around 100,000 API keys belonging to 3Commas users and published it online. 3Commas had initially insisted there was no security issue on its end, and co-founder Yuriy Sorokin repeatedly suggested on Twitter that a phishing attack caused users to give up their data. But on Wednesday, Sorokin tweeted: “We saw the hacker’s message and can confirm that the data in the files is true… We are sorry that this has gotten so far and will continue to be transparent in our communications around the situation.” 3Commas is a platform that lets users link multiple crypto exchange accounts—such as those kept on Binance—to automated trading software. This is all done via APIs (application programming interfaces), the standardized mechanisms that enable separate software components to communicate with each other and perform tasks. The idea is that humans don’t have to do the hard work of thinking about their trades. Instead, it’s all done instantly and automatically via code.
Full story : 3Commas Admits It Was Source of API Leak That Led to Hacks.