Earlier today, 3Commas confessed to an API leak after denying the community report for months. The move stirred victims to demand refunds and an apology for gaslighting.
3Commas’ clients demand a refund and an apology
Victims of the 3Commas API breach are calling for reimbursement of funds lost and an apology from the company for mishandling the API leak situation. Months after the community released a report showing the API leak, the company engaged in a tussle with the victims whose accounts were involved in the illicit trades.
The company came out strongly to disprove any breach in the platform as the CEO Yuriy Sorokin denied the possibility of a rogue employee facilitating an inside job to defraud customers. The statement by the CEO blamed any exposed APIs on phishing attacks on users.
According to the statement released on Dec. 28, there was a change of stand by 3Commas on the entire incident necessitated by a comprehensive analysis conducted on the API leak. The company CEO, Sorokin, admitted the API breach and confirmed the validity of the API keys broadcasted by the hacker.
Sorokin told the community that they had done everything to investigate possibilities of an inside job but did not find any traces. According to the investigations, the number of technical employees accessing such information was small, and their access has been limited since Nov. 19. He assured the public of tightened security measures and the complete involvement of law enforcers during the whole investigation.
The abrupt announcement has surprised the community, given that 3Commas had previously refuted the claims by customers, terming them as lies perpetuated by “bad faith actors.” They also accused the victims of presenting falsified evidence.
In response to the revelations by 3Commas, Deribit acted quickly to announce the deletion of the API keys its customers used to trade on the platform through 3Commas. They assured customers not to worry since there were no leaked Deribit keys on the internet, but it was a precautionary measure.
Victims and crypto enthusiasts, through Twitter, launched a series of rants castigating the actions by 3Commas. The affected parties, such as Turgut Oztunc, swore to pursue the matter further if the company did not issue refunds.
Other aggressive comments emanated on Twitter as crypto enthusiasts registered their disappointment on 3Commas.
Source: https://crypto.news/3commas-admits-api-leak-as-victims-demand-refunds-and-apology/