Hack Alert: Binance Accounts Still Vulnerable to 3Commas API Flaw, Traders Say

Seasoned poker player and trader with 280,000 followers on Twitter found that their deposits on Binance (BNB) had disappeared. It looks like their losses should be attributed to the vulnerability unveiled in mid-October.

Hackers target Binance (BNB) accounts: Who is in danger?

Binance (BNB) users have had their accounts drained by attackers through a well-known vulnerability of 3Commas trading bot API instruments, according to a statement by Rodion Longa, founder of the Worldpokerdeals portal. His losses are estimated at $450,000 in Binance USD (BUSD) stablecoins.

@cz_binance @BinanceRussian My account was just exploited using 3commas API leak similar to this case https://t.co/89TvsiV3H9

Please help. 450k busd lost

— Rodion Longa (@LongaRodion) December 9, 2022

Longa recalled that he has not used 3Commas trading bot API in the last 11 months, so there is no possibility of a phishing attack. He had even forgotten about the fact that an API connection was established on his Binance account.

Almost simultaneously, a similar issue was reported by an anonymous trader who goes by @coinmamba on Twitter. The trading veteran stated that he had only connected his API to 3Commas services and had also forgotten about the fact.

He immediately reported the issue to the Binance (BNB) team and asked for a compensation. However, he said that his core motivation was to make the platform take action to prevent such attacks from happening again.

Binance (BNB) restricts operations of affected trader, here’s why

Changpeng «CZ» Zhao responded to Coinmamba and stated that his case cannot be eligible for Binance’s SAFU compensation program as this might unlock attractive opportunities for abuse:

Mamba, there is almost no way for us to be sure users didn’t steal their own API keys. The trades were done using API keys you created. Otherwise we will just be paying for users to lose their API keys. Hope you understand.

In a few hours, Coinmamba unveiled that his Binance (BNB) account was put in «withdraw only» mode. He shared a screenshot of a tweet allegedly deleted by CZ, where the Binance CEO called the trader «unreasonable» and called the entire situation a «two-sided walk.»

Coinmamba concluded that the account was restricted due to «his tweets.»

As covered by U.Today previously, a number of reports flooded crypto Twitter in October-November 2022: traders noticed that attackers started using the 3Commas API to pump and dump low-cap coins via Binance accounts.

In an official statement, the 3Commas team assured users that no keys were leaked on their side.

Source