Cryptocurrency trading platform 3Commas reported that they suffered a data breach in which API data were stolen. Following the incident, an FBI investigation has been called in.
However, the investigation comes after weeks of criticism from users of the Estonia-based crypto trading platform. As per the statement released by the platform, an unknown hacker posted 3Commas’ API database to Pastebin, on 28 December.
Also, users reported that its CEO repeatedly ignored the warning signs that the platform had been targeted.
The cyber threat security team of the company has confirmed the attack’s authenticity after analyzing it, saying “at this point, 3Commas can, unfortunately, confirm that some of 3Commas’ users’ API data (API keys, secrets and passphrases) have been disclosed by a third party.”
Further, it added that “Currently and to the best of our knowledge only API data have been disclosed as part of this incident. As a likely consequence, the hacker(s) may use or may have used the API data to connect your exchange accounts to his/their account and/or initiate unauthorized trades”.
The threat actor has managed to leak a set of 10,000 API keys, which was just 10% of the 100,000-big database, as per the report
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: