FTX API Keys Linked to 3Commas Exploited

On Oct 24, 2022 at 8:43 am UTC by · 2 mins read
an image

In the recent case of API keys stolen from FTX accounts, chief Sam Bankman-Fried announced to return $6 million in users’ lost funds.

A suspicious trading activity led to an investigation by the trading-bot platform 3Commas and cryptocurrency exchange FTX. The investigation revealed that API keys linked 3Commas were used to conduct unauthorized trades for DMG trading pairs on FTX.

Last week on Oct 20, the 3Commas team got alerted when several FTX API keys connected to the platform performed unauthorized trades. Later, 3Commas confirmed that the API keys weren’t taken from the platform but a third-party phishing attack.

Further investigation showed that there were multiple websites claiming to be 3Commas. These fraudulent websites tricked users into connecting their exchange accounts. 3Commas believes that a third-party malware or extension must be involved in this activity. It added:

“The API keys were then stored by the fake website and later used to place the unauthorized trades on the DMG trading pairs on FTX”.

The trading-bot platform 3Commas further added that it was not be blamed for the user data falling into wrong hands. The trading bot platform noted:

“To reiterate and clarify, there has been no breach of either 3Commas account security databases or API keys. This is an issue that has affected multiple users who have never been customers of 3Commas so there is no possibility that it is a leak of API keys originating from 3Commas.”

From the API exploit, one of the Twitter users calimedto have lost more than $1.5 million. The same has been verified by data analytics firm PeckShield.

FTX Chief Announces Compensation

FTX Chief Sam Bankman-Fried wrote a detailed Twitter thread about how phishing attacks have got common in the crypto space. He further explained that the FTX team has been taking all measures to counter such attacks. However, it sometimes becomes difficult to control websites masquerading as the crypto exchange.

For this particular case, SBF said that they have decided to compensate the users. However, he warned users that this would be the last time he would be compensating users’ with a total of $6 million in losses. SBF said that “THIS IS A ONE-TIME THING AND WE WILL NOT DO THIS GOING FORWARD. THIS IS NOT A PRECEDENT. We will not making a habit of compensating for uses getting phished by fake versions of other companies!”

The crypto billionaire also stated that if the hackers give away 95% of the $6 million stolen from FTX accounts within 24 hours, “we’ll absolve them”.

Share:

Related Articles

Sam Bankman-Fried Files Appeal to 25-Year Prison Sentence: Report

By November 4th, 2025

Sam Bankman-Fried, the founder of defunct crypto exchange FTX, has filed an appeal to his 25-year prison sentence.

FTX Was Never Insolvent, Claims SBF

By October 31st, 2025

In a new 14-page document dated Sept. 30, 2025, Sam Bankman-Fried claimed that FTX’s downfall was not the result of insolvency but a classic bank run.

Former FTX US President to Build New Trading Hub Focused on Perps

By October 29th, 2025

Former FTX US president Brett Harrison returns with AX, a Bermuda-regulated exchange offering perpetual contracts on forex, stocks, and commodities with crypto-like efficiency.

Exit mobile version