{"id":503119,"date":"2022-10-23T14:30:00","date_gmt":"2022-10-23T11:30:00","guid":{"rendered":"https:\/\/en.buradabiliyorum.com\/3commas-issues-security-alert-as-ftx-deletes-api-keys-following-hack\/"},"modified":"2022-10-23T14:30:00","modified_gmt":"2022-10-23T11:30:00","slug":"3commas-issues-security-alert-as-ftx-deletes-api-keys-following-hack","status":"publish","type":"post","link":"https:\/\/buradabiliyorum.com\/en\/3commas-issues-security-alert-as-ftx-deletes-api-keys-following-hack\/","title":{"rendered":"# 3Commas issues security alert as FTX deletes API keys following hack"},"content":{"rendered":"<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_84 counter-hierarchy ez-toc-counter ez-toc-custom ez-toc-container-direction\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of Contents<\/p>\n<label for=\"ez-toc-cssicon-toggle-item-6a2e0038bb8f0\" class=\"ez-toc-cssicon-toggle-label\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #dd3333;color:#dd3333\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #dd3333;color:#dd3333\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/label><input type=\"checkbox\"  id=\"ez-toc-cssicon-toggle-item-6a2e0038bb8f0\" checked aria-label=\"Toggle\" \/><nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-1'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/buradabiliyorum.com\/en\/3commas-issues-security-alert-as-ftx-deletes-api-keys-following-hack\/#%E2%80%9D_3Commas_issues_security_alert_as_FTX_deletes_API_keys_following_hack_%E2%80%9C\" >&#8221; 3Commas issues security alert as FTX deletes API keys following hack &#8220;<\/a><\/li><\/ul><\/nav><\/div>\n<h1><span class=\"ez-toc-section\" id=\"%E2%80%9D_3Commas_issues_security_alert_as_FTX_deletes_API_keys_following_hack_%E2%80%9C\"><\/span>&#8221; 3Commas issues security alert as FTX deletes API keys following hack &#8220;<span class=\"ez-toc-section-end\"><\/span><\/h1>\n<div class=\"post-content\" data-v-4b69a2fe>Automated crypto trading bot provider 3Commas issued a security alert after identifying certain FTX API keys being used to perform unauthorized trades for DMG cryptocurrency trading pairs on the FTX exchange.<\/p>\n<p>3Commas and FTX conducted a joint investigation in relation to reports from users of unauthorized trades on the DMG trading pairs on FTX. The duo <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/3commas.io\/blog\/3commas-ftx-security-alert\">identified<\/a> that hackers used new 3Commas accounts to perform the DMG trades adding that \u201cThe API keys were not taken from 3Commas but from outside of the 3Commas platform.\u201d<\/p>\n<p>A subsequent investigation found fradulent websites posing as 3Commas were being used to phish API keys as users linked their FTX accounts. The FTX API keys were then used to perform the unauthorized DMG trades.<\/p>\n<p>3Commas further suspects that hackers used 3rd-party browser extensions and malware to steal the API keys from users, adding:<\/p>\n<blockquote><p>\u201cTo reiterate and clarify, there has been no breach of either 3Commas account security databases or API keys. This is an issue that has affected multiple users who have never been customers of 3Commas so there is no possibility that it is a leak of API keys originating from 3Commas.\u201d<\/p><\/blockquote>\n<p>Both FTX and 3Commas identified suspicious accounts based on user activity and suspended the API keys to avoid further losses.<\/p>\n<figure><img decoding=\"async\" src=\"https:\/\/s3.cointelegraph.com\/uploads\/2022-10\/a79abfef-7976-49be-8674-6d40f5fe4342.png\" alt=\"\" title=\"\"><figcaption style=\"text-align: center;\"><em>A set of guidelines shared by 3Commas for user&#8217;s safety. Source: 3Commas<\/em><\/figcaption><\/figure>\n<p>FTX users that have connected their accounts with 3Commas and receive a message regarding their API being \u201cinvalid\u201d or \u201crequires updating\u201d must create new API keys. In such cases, 3Commas suggested that:<\/p>\n<blockquote><p>\u201cIt is possible your API details were compromised and the API key has been deleted by FTX.\u201d<\/p><\/blockquote>\n<p>Users have the option to create a new API key on FTX and link it to their 3Commas account to ensure no disruption to active trades.<\/p>\n<p>3Commas are currently working with the victims to provide assistance and gather more information about the hackers.<\/p>\n<p><strong><em>Related: <\/em><\/strong><strong><em>Voyager customers could recover 72% of frozen crypto under FTX deal<\/em><\/strong><\/p>\n<p>FTX recently partnered with Visa to roll out debit cards in 40 countries worldwide. The partnership allows FTX users to pay for goods and services using debit cards that boast \u201czero fees\u201d and no yearly charges.<\/p>\n<p>The market reacted to the development as the FTX token spiked 7%, momentarily reaching a trading price of $25.62.<\/p>\n<p><template data-name=\"subscription_form\" data-type=\"markets_outlook\"><\/template><\/div>\n<blockquote><p><strong><span style=\"color: #ff6600;\">If you liked the article, do not forget to share it with your friends. Follow us on\u00a0<span style=\"color: #ff0000;\"><a style=\"color: #ff0000;\" href=\"https:\/\/news.google.com\/publications\/CAAqBwgKMLG0nwswvr63Aw\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">Google News<\/a><\/span>\u00a0too, click on the star and choose us from your favorites.<\/span><\/strong><\/p><\/blockquote>\n<blockquote>\n<p style=\"text-align: center;\">For forums sites go to <span style=\"color: #ff9900;\"><a style=\"color: #ff9900;\" href=\"https:\/\/forum.buradabiliyorum.com\/\" target=\"_blank\" rel=\"noopener\">Forum.BuradaBiliyorum.Com<\/a><\/span><\/strong>\n<\/p><\/blockquote>\n<blockquote>\n<p style=\"text-align: center;\"><strong>If you want to read more <a href=\"https:\/\/buradabiliyorum.com\/en\/category\/news\/\" data-internallinksmanager029f6b8e52c=\"2\" title=\"News\" target=\"_blank\" rel=\"noopener\">News<\/a> articles, you can visit our <span style=\"color: #ff9900;\"><a style=\"color: #ff9900;\" href=\"https:\/\/en.buradabiliyorum.com\/general\/\" target=\"_blank\" rel=\"noopener\">General category.<\/a><\/span><\/strong><\/p>\n<\/blockquote>\n<p><span style=\"color: black;\"><a style=\"color: #ff9900;\" href=\"https:\/\/cointelegraph.com\/news\/3commas-issues-security-alert-as-ftx-deletes-api-keys-following-hack\" target=\"_blank\" rel=\"noopener\">Source<\/a><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>&#8221; 3Commas issues security alert as FTX deletes API keys following hack &#8220; Automated crypto trading bot provider 3Commas issued a security alert after identifying certain FTX API keys being used to perform unauthorized trades for DMG cryptocurrency trading pairs on the FTX exchange. 3Commas and FTX conducted a joint investigation in relation to reports&#8230;<\/p>\n","protected":false},"author":1,"featured_media":503120,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/images.cointelegraph.com\/images\/1200_aHR0cHM6Ly9zMy5jb2ludGVsZWdyYXBoLmNvbS91cGxvYWRzLzIwMjItMTAvYzgyNzZhYWMtYTg4Yy00ZWJjLThjOWUtYTk1ZGM3YmVlZTEzLmpwZw==.jpg","fifu_image_alt":"","footnotes":""},"categories":[1],"tags":[74867,86752,74860,127241,117,71407],"class_list":["post-503119","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-general","tag-altcoin","tag-bot","tag-cryptocurrency-exchange","tag-ftx-token","tag-business","tag-trading"],"_links":{"self":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/503119","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/comments?post=503119"}],"version-history":[{"count":0,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/503119\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media\/503120"}],"wp:attachment":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media?parent=503119"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/categories?post=503119"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/tags?post=503119"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}