Crypto company 3Commas said that a joint investigation with the FTX exchange revealed that 3Commas API keys were not used for unauthorized transactions with DMG trading pairs on FTX.
The 3Commas team claims that the API keys were likely obtained through a third-party phishing attack or hack. During the investigation, the team found that several fake websites impersonating 3Commas were used for phishing, tricking users into connecting their accounts to fraudulent web interfaces:
“The API keys were then stored on a fake website and used to place unauthorized trades for DMG trading pairs on FTX.”
3Commas suspects third-party browser extensions or malware may have been involved in the scam:
“There was no hack in the 3Commas account security databases or API keys. This issue has affected many users who have never been 3Commas customers, so there is no possibility that this is a leak of API keys originating from 3Commas.”
The 3Commas team emphasized that its representatives are now “in close contact with the victims of this third-party attack and are working with them to provide assistance and gather more information.” Previously a Twitter user via the PeckShield channel
declared FTX, which lost about $1.5 million due to the exploit of the 3Commas and FTX blockchain API keys.
Recently, FTX CEO Sam Bankman-Fried proposed paying hackers a $5 million bounty, or 5% of the amount of stolen crypto assets, to mitigate the effects of hacks and exploits.
Source: Bits

I am an experienced journalist, writer, and editor with a passion for finance and business news. I have been working in the journalism field for over 6 years, covering a variety of topics from finance to technology. As an author at World Stock Market, I specialize in finance business-related topics.