Binance users have reported abnormal trades of some altcoins, including OM, NEXO, AMP, POLS, SUN, ARDR, BIFI, XVS, ARK, LOOM, and OSMO, Wu Blockchain reported
According to the report, the abnormal trades triggered concerns about whether hackers have stolen some users’ API keys through 3Commas and are now using those accounts to execute the trades.
Binance Denies API Compromise
However, Binance has denied that there was any hack or API compromise. The official account tweeted, “This activity does not appear to be due to compromised accounts or stolen API keys; funds are SAFU.”
The CEO, Changpeng Zhao, has added new information stating that investigations so far showed that one account deposited funds and started buying and other accounts also started doing the same. Investigations do not show any relationship between the accounts.
He added that Binance temporarily locked withdrawals on some accounts profiting from the contra trades. This triggered several complaints from various addresses on social media.
“We are aware of the concept of too much intervention from the platform, “too centralized” attacks, etc. There is a balance to how much we should intervene. Sometimes, these happen in a free market, and we need to let it play out.”
Meanwhile, 3Commas also noted that it is working with Binance to investigate the incidents and determine whether it is connected to the API compromise.
Even with the clarification from Binance, many people are still concerned that this might have something to do with compromised users’ API keys.
Similar Event on FTX
In October, several FTX users reported that contra-trade on their accounts led to the loss of their assets. A particular user lost almost $1.6 million of his assets through a contra trade involving DMG tokens.
Initially, 3Commas denied that there was no leak on its part. But it later found out that several phishing websites imitated the 3Commas design and interface. These phishing sites captured all the API keys of users who unknowingly used them.
Hackers later used the API keys to access users’ accounts and place unauthorized trades. At the time, the trading platform urged users to create new API keys and update their linked exchange accounts.
With a similar situation now happening on Binance, there are concerns that 3Commas and the exchange are not giving complete information.
BeInCrypto has reached out to company or individual involved in the story to get an official statement about the recent developments, but it has yet to hear back.