Hackers extract cryptocurrencies from exchanges with new technology

API services (acronym for Application Programming Interface) are often provided by cryptocurrency exchanges. This makes it possible to use third-party software to manage transactions.

However, a new scam exploits this “system loophole” to harm investors. According to journalist Colin Wu, a single user lost the equivalent of BRL 8.3 million in cryptocurrencies such as BTC, ETH, FTT and others.

His balance was in the FTX broker, one of the largest and best known on the market. However, the same denies that the problem is yours and states that the leak came from another company called 3Commas.

“The feedback from FTX was that the 3Commas API KEY was leaked and similar situations were not isolated cases”some users told journalist Wu Blockchain.

In a public response, 3Commas said the case “Treated with top priority”. Going further, it also noted that it has the best security practices, with two-factor authentication (2FA) and one-time password (OTP).

3Commas responds to information from journalist Colin Wu/Wu Blockchain.
3Commas responds to information from journalist Colin Wu/Wu Blockchain.

According to the company’s own information, 3Commas is the largest cryptocurrency trading software in the world, with a monthly volume of $23 billion.

Understanding the scam that used API to tap user cryptocurrencies from the FTX exchange

First, it should be noted that such APIs have limitations. That is, they generally cannot be used to withdraw cryptocurrencies from an exchange by third-party software.

However, it is possible to use them to buy and sell cryptocurrencies available on such an exchange. So the scammers used the API of one of the victims to trade a small token called DMM Governance (DMG).

Better explained, the scammers owned such a shitcoin and then traded it for the victim’s bitcoins and ethers. In addition to a spike in volume, DMG’s price also jumped 669% last Wednesday (19).

“A new method of stealing cryptocurrencies is emerging: counter-trading. On October 19, a user discovered that his FTX account, using the 3Commas API, was trading [o token] DMG more than 5,000 times, stealing nearly $1.6 million [em criptos] such as BTC, ETH, FTT, etc. from your account.”

Finally, API is a tool used by professionals. Therefore, there is no reason to activate them in your account regardless of the broker you use. As seen above, although APIs cannot be used for withdrawals, scammers are so creative that they will find a way to steal your money.

Buy Bitcoin at Bitso

At Bitso it is easy and safe to buy Bitcoin and other cryptocurrencies. Sign up and earn 10 USD in cryptoback.: bitso.com/

Take part in the first 100% Bitcoin Networking and Content Festival in Brazil

It will be a full day of content, lectures, workshops and panels, as well as networking opportunities that will spread throughout the week. Join us: satsconf.com.br/

Follow Livecoins on Google News.

Like on Facebook, twitter and Instagram.

Source: Live Coins