FTX Users Lose Millions to API Exploit

23 October 2022, 11:00 GMT+0000
Updated by Ryan James
23 October 2022, 11:00 GMT+0000
In Brief
  • Wu Blockchain reported that 4 FTX users lost millions to an API exploit.
  • 3Commas has denied that the breach occurred from its services.
  • FTX is investigating the events that led to the exploits.
  • promo

A crypto trader lost over a million dollars after hackers accessed his FTX account by exploiting an API connected to the trading account.

Chinese crypto journalist Colin Wu first reported the incident saying, the user first noticed that his account was trading DMG tokens more than 5000 times, only to discover later that nearly $1.6 million in Bitcoin, FTX token, Ethereum, and other cryptocurrencies have left their account.

The reporter further confirmed that this was not an isolated incident, as there have been three other victims. On its part, FTX claimed that the hack was due to leaks of the API keys for the trading platform 3Commas.

Another FTX User Lost $1.5 Million

Another FTX user Bruce in an October 22 Twitter thread stated that he was a victim of the FTX exploit. He revealed that he lost $1.5 million to the incident which happened on October 21.

According to Bruce, he has never “used 3Commas and even never heard about it. And I had never used the API key in the past 2 years. I had never saved the secret to any document.”

/Related

More Articles

He further stated that malicious players had traded DMG via his account on October 18th and 19th. He questioned why FTX had no risk control measures in place for illegal trading activities.

Then asked how the exploiter still traded illegally on his account on October 21.

Bruce added that FTX was investigating the series of incidence.

3Commas Response to the Situation

Meanwhile, crypto trading platform 3Commas has denied culpability, saying “there are multiple affected users who have never been 3Commas customers and there is no possibility the security breach originated with 3Commas’ services.”

Its team initially commented that its security systems had not been breached, and they are investigating the matter.

3Commas’ update on the situation stated that its investigation shows that some API keys were linked to new 3Commas accounts that were just created and used for the unauthorized DMG token trades.

These API keys are not taken from the 3Commas website. But it appears that some users accidentally connected to fake websites impersonating 3Commas. These phishing websites captured the users’ API and were later used for the hack on FTX. 

The update further clarified that the issue affected not only 3Commas users but those users that have never used 3Commas. 

Due to the scale and sophistication of the attack we also suspect that 3rd party browser extensions or malware may also have been used.

FTX and 3Commas have disabled all APIs for accounts with any suspicious activity and have asked users to create new ones.

For Be[In]Crypto’s latest Bitcoin (BTC) analysis, click here

Disclaimer

BeInCrypto has reached out to company or individual involved in the story to get an official statement about the recent developments, but it has yet to hear back.