The United States Federal Investigation Bureau (FBI) is probing the data breach at Estonia-based 3Commas that exposed thousands of linked API keys, Coindesk reported on Friday, though there is no official confirmation yet.
The investigation came after the confirmation of 3Commas’ CEO Yuriy Sorokin on the authenticity of the publicly shared database of 3Commas APIs. Earlier, he was in denial of any such breach and even called previously leaked API databases fake.
1. Statement from 3Commas:
We saw the hacker’s message and can confirm that the data in the files is true. As an immediate action, we have asked that Binance, Kucoin, and other supported exchanges revoke all the keys that were connected to 3Commas.
— Yuriy Sorokin (@YS_3Commas) December 28, 2022
The concerns around the security measures of 3Commas began in late October when then-functional crypto exchange FTX issued a security alert in response to an unauthorized trade from a customer account. Though FTX and 3Commas concluded that the hackers created a 3Commas account to execute the malicious trade, the Estonian company said, “the API keys were not taken from 3Commas but from outside of the 3Commas platform.”
In a consecutive blog post, Sorokin also acknowledged that 3Commas had “hard evidence that phishing
