Crypto trading bot provider 3Commas is on “heightened alert” after some of its users’ accounts were compromised and used to place trades.
An Oct. 8 blog post from 3Commas co-founder and CEO Yuriy Sorokin said they received reports from users concerning unauthorized trades on their accounts after resetting their passwords.
An investigation found “only a few customer accounts” were compromised and unauthorized trades made.
Sorokin told Cointelegraph in a statement that 3Commas was made aware of the compromise on Oct. 3 with “less than 10 users” affected.
Notice of Incident. We've identified a security incident that has come to our attention concerning the security of 3Commas accounts. Learn more and stay secure:
— 3Commas (@3commas_io) October 8, 2023
Read our Blog Post: https://t.co/sJmfzOJE49 pic.twitter.com/MRJ40D29pj
“We will continue with our investigation into this matter,” Sorokin wrote in the blog. “Please note, however, that in the meantime, our services are running normally, and we will continue to operate in a state of heightened alert.”
The accounts with unauthorized trades mostly had not enabled two-factor authentication (2FA), according to 3Commas. It said the data accessed did not include user API data or passwords.
As additional security measures, the firm said it implemented a new approach to resetting passwords and disabled API connections after a user resets their password. It is recommended that users enable two-factor authentication and regularly change their password.
Sorokin said it also ensured to communicate the breach to the relevant authorities.
Related: OpenSea ‘unaware’ of any involvement of former exec in $60M rug pull
In December 2022, the firm disclosed an incident from that October where user API keys had been leaked, leading to unauthorized trades on victim accounts.
Sorokin and 3Commas initially denied a breach had taken place and instead suggested their customers had been phished. They later relented, and Sorokin admitted there had been an API leak from 3Commas.
3Commas users affected by the API leak called for refunds and an apology for being gaslighted.
“We regret that such an incident has taken place,” Sorokin wrote of the latest incident. He added that 3Commas is improving its security to prevent or limit similar future incidents.
Magazine: How to protect your crypto in a volatile market — Bitcoin OGs and experts weigh in
Update (Oct. 12, 5:30 AM UTC): This article has been updated to include responses from Yuriy Sorokin.