FTX in turmoil? – Decentralized finance is frequently targeted by hackers of all kinds, and its centralized counterpart is not immune. The 3Commas platform has just paid the price: a number of suspicious activities have been detected there.
Security breach at 3Commas
3Commas is a crypto platform that aims to make trading easier by automating it. To that end, the platform offers various trading bots that apply strategies depending on the state of the market.
On October 21, the platform alerted its customers that an incident had been detected. Multiple API keys had been used to perform unauthorized trades on the DMG pair.
As a reminder, an API key is a credential used to authenticate to a platform's API. In practice, it allows two programs to communicate with each other.
In the 3Commas incident, API keys for the FTX exchange platform were compromised.
“During an investigation with our partners, a number of API keys were found linked to new 3Commas accounts that were created and used for the first time to perform unauthorized transactions for DMG trading pairs.”
Fortunately, the FTX teams reacted quickly and were able to remove the compromised API keys to reduce the impact of the attack, whose haul exceeds one million dollars.
The 3Commas teams investigated to determine the origin of the breach and came to several conclusions.
First, no security flaw was detected on the side of 3Commas or FTX. The keys would therefore not have been stolen from these platforms.
Instead, according to information collected by 3Commas, it looks like the keys were compromised via a phishing attack: several websites reproduce the 3Commas site identically in order to fool users.
“The API keys used in the attack likely came from phishing attacks using websites that replicate the 3Commas interface and capture users’ API keys when they attempted to connect their exchange accounts.”
The platform invites all users who were victims of the attack to come forward so that it can help them.
Phishing: the main attack vector
Within the cryptocurrency ecosystem, we often talk about hacks that exploit flaws in smart contracts. However, this type of attack is mostly very sophisticated, and that degree of sophistication makes it complicated to set up.
The vast majority of hackers therefore prefer more accessible methods, and many hackers and scammers resort to phishing attacks.
These are often coupled with the hacking of social media profiles: attackers steal the account of an important user of a protocol and use it to distribute phishing links that target other users.
The NFT ecosystem is particularly affected by this type of attack. The case of the artist Beeple is a perfect example of this type of scam: he had his Discord hacked, and the attacker published numerous phishing links.