top of page
  • Writer's pictureTom Clinton | Aificial Editor Chief

3Commas confirms the API Key Leak after Denying their Involvement

Image illustration via
Image illustration via

Security breaches have been a relentless threat to the cryptocurrency industry in recent years, leaving trails of disruptions and major financial losses. As more platforms fall prey to their cold grasp, the industry’s vulnerability level has become increasingly apparent.

Joining the growing list of victims is cryptocurrency trading bot company 3Commas, as a recent cyber attack compromised several users’ accounts.

New Data Breach on 3Commas

In a blog post on October 8th, 3Commas revealed that it had experienced a security breach after several users reported unauthorized trades occurring on their accounts. According to 3commas CEO Yuriy Sorokin, the impacted accounts lacked two-factor authentication (2FA), granting hackers unauthorized entry into customer account data.

Sorokin did not disclose the full extent of the vulnerability but stated that only a limited number of user accounts were impacted. The CEO assured users that sensitive data such as API credentials and passwords remained secure.

Users are advised to enable 2FA and engage in regular password resets to thwart the potential of similar breaches in the future. 3Commass assured that operations on the platform will continue without disruption.

Community Response

As news of the 3Commas breach spread across the industry, the exchange has come under intense scrutiny as concerns were raised among investors and experts.

Crypto security expert ZachXBT took to Twitter to express dissatisfaction with 3Commas security practices, especially considering the exchange had suffered a similar security incident in December 2022.

On December 9, 2022, 3Commas experienced an API Keys Leak, which resulted in over $22 million being siphoned from several users’ accounts. The company initially denied blame for the attack but eventually accepted responsibility after substantial evidence emerged. 

Some investors have called for a boycott of 3Commas to prevent more users from losing assets due to the company’s security shortcomings.

Why This Matters

In the aftermath of the 3Commas breach, it is clear that users’ trust and confidence in the firm have been shaken. The incident serves as yet another reminder of the unrelenting security threats in the cryptocurrency industry.


  • Instagram
  • Facebook
  • X
  • Threads
  • LinkedIn
  • YouTube
  • TikTok
90efa645-fa84-4ebf-8c86-02ed6069ec31 (2).png
bottom of page