Crypto exchange Binance closed a trader account on Dec. 9 after a user complained about the exchange’s response for alleged funds theft. Binance CEO Changpeng “CZ” Zhao said the firm does not want to service “unreasonable” clients.
A user by the name of CoinMamba on Twitter started complaining about the lost funds on Dec. 8, claiming that a leaked API key tied to crypto trading firm 3Commas was used “to make trades on low cap coins to push up the price to make profit.”
The trader claims in a series of tweets that Binance was unable to provide him with appropriate support:
Have talked to Binance support and so far they are refusing to do anything to help me with the situation, saying that is my fault. Not sure how the API was leaked, and whose fault is this.— CoinMamba (@coinmamba) December 8, 2022
Binance CEO also took to Twitter on Dec. 9 to clarify the situation:
Mamba, there is almost no way for us to be sure users didn’t steal their own API keys. The trades were done using API keys you created. Otherwise we will just be paying for users to lose their API keys. Hope you understand.— CZ Binance (@cz_binance) December 9, 2022
As the user continued to complain on the social media platform, CZ admitted in another tweet to be considering putting the user’s account “in off boarding (withdrawal only) mode,” claiming “we don’t want to service people who are unreasonable.” The tweet was later deleted but is still available as a screenshot in the thread. The user’s account was then closed, with three days to withdraw funds.
According to the user tweets, 3Commas denied any exploit on its protocols and databases and, therefore, had no responsibility for the stolen API keys. “On the basis of the information we have today, we have found that no encryption protocols have been found to be compromised and no breaches of 3Commas’ account security databases have occurred,” stated 3Commas support.
Other Twitter users also raised the issue of the alleged API hacker, requesting Binance to halt withdrawals and investigate the incident.
At this point, Binance must know who is the 3commas API hacker. It's too easy. They should pause withdrawals from the accounts that sent offers high up right before the pump and investigate.— Bitbit (@bitbitcrypto) December 10, 2022
I'm sure the people in Binance understand what the hacker is doing (if not, I can help) pic.twitter.com/rOdmmfsAtq
On Nov. 13, Binance CEO confirmed that at least three users faced unexpected transactions on their accounts after sharing their API Key with third-party platforms Skyrex and 3Commas. He then recommended users to delete related API keys.
Coinmamba claims to have been a Binance client for over five years, and he still has futures positions open on the platform.
Binance and 3Commas did not immediately respond to Cointelegraphs' requests for comments.