The infamous web3 Twitter detective ZachXBT reported on Dec. 20 that forty-four 3Commas users had lost $14.8 million due to theft. ZachXBT claimed users were forming a class action lawsuit against 3Commas.
3Commas released a statement asserting to disprove all claims. The company argued that the accusations were “fake” and “baseless.” Further, the crypto trading platform contended that they have concrete evidence that phishing played a part in some incidents.
Users claimed 3Commas leaked their API keys, resulting in unauthorized trades. The accusations were aimed directly at 3Commas employees rather than some nefarious third party.
“3commas employees are stealing the API keys I attached the screenshots from the Cloudflare that shows 3commas dashboard and how API keys are exposed there.”
Additionally, the firm confirmed that there had been no breach of security encryption mechanisms or databases. If a breach had occurred, all API keys and linked accounts would have been compromised, according to 3Commas.
However, recent reports from Zach_XBT seemingly tell a different story, as he claims that users have complained across multiple exchanges.
The identities of the users affected have not been released, nor have they made an apparent public appearance to date. Given the prolific nature of financial scams and phishing attempts around crypto products, some, including one VaynerMedia employee, argued that
“We’ve had 50+ BAYC holders or just NFT people in general, REKT by phishing scams and other trickery. This is not hard to believe. Not defending 3Commas here, never used them, but I don’t think 44 implies anything concretely about 3Commas.”
Regardless, there has been an increasing number of reports related to leaked API keys from 3Commas over the past months. Whether users have been increasingly targeted with sophisticated phishing scams or employees have been stealing data remains unclear.
Earlier reports of 3Commas hacks revealed that API keys were being used for wash trades on trading pairs with low liquidity in order for bad actors to launder funds. Such trades have not been reported in this most recent round of exploits at this time.
However, the fact remains that users have lost a considerable sum of money through integrating 3Commas with exchanges. Therefore, further investigation and an increase in security are likely required.