Russian cryptocurrency company 3Commas accused of stealing users' API keys

Employees of the St. Petersburg-based algorithmic cryptocurrency trading platform 3Commas were accused of stealing users' API keys. The founders of 3Commas denied the allegations and urged their customers not to believe the fake news.

There have been some false rumors shared by bad faith actors using falsified evidence to claim 3Commas leaked users' API keys. These rumors were related to fake screenshots of Cloudflare logs that have been shared on Twitter and Youtube.
The full article: https://t.co/KVOF2BWlYn pic.twitter.com/qJ52CvnVg0

— 3Commas (@3commas_io) December 11, 2022

Some members of the cryptocurrency community believe that the 3Commas team is involved in the theft of API keys. Thus, a user with the nickname Angela Rueda posted a confirmation post on Twitter, attaching a screenshot that allegedly proves that the keys were stolen by 3Commas representatives. However, 3Commas co-founder and CEO Yuriy Sorokin denied this information and suggested that some users «conspired to act against 3Commas.»

twitter.com/AngelaR35190738/status/1 601 808 303 234 883 584?ref_src=twsrc^tfw|twcamp^tweetembed|twterm^1 601 808 303 234 883 584|twgr^bdef80df25fc08d517077c5aec558a1a28e9e811|twcon^s1_c10&ref_url=https://forklog.com/news/v-3commas-oprovergli-utechku-api-klyuchej-polzovatelej

As Sorokin explained, the images probably show the Instant Log pages on the Cloudflare dashboard. The 3Commas CEO emphasized some inconsistencies: the date, the navigation menu, and the images.

Sorokin also urged affected users whose API keys were stolen to file a police report to freeze the fraudulent ones. «The sooner this is done, the sooner the exchanges will freeze the accounts of the attackers to stop the withdrawal of funds and increase the likelihood that some or all of the funds will be returned to the victims.»

Currently, security researchers are trying to confirm or deny the veracity of the 3Commas founder’s words. However, the NoWorries editorial team strongly advises against trusting your funds to platforms associated with a terrorist country.

It is worth noting that 3Commas users started reporting the API key leak back in late October. The main crypto product of 3Commas is trading bots that automatically execute trades on exchanges such as Binance, Coinbase, OKX, and until recently, FTX. The service is popular because it saves users time and effort. In order for the 3Commas bot to execute trades, users have to provide their API keys generated by the exchanges. The crypto community suspects 3Commas of stealing this data.