Fake screenshots are being circulated claiming employees stole API keys
DEC 11, 2022
7 MIN
- All
- Analytics
- Technical Analysis
- Trading
- Blockchain
- DeFi
- Guides
- Company News
- Educational
- Opinion
- Price Predictions
- Tools
- Market News
- News
- Trading cases
- Practical guides
- Exchanges
- Trading signals
- Cryptocurrency
- Crypto bots
- Other
Become a crypto master
Become a crypto master
Learn everything about crypto,
trading and bots
Learn everything about crypto,
trading and bots
Security Notification - Update Your API Keys
DATE PUBLISHED: NOV 17, 2022
DATE UPDATED: JAN 11, 20233 MIN
Security enhancements now live
Dear traders,
Your account security is our greatest priority. Over the past month, there have been multiple incidents of unauthorized trades on partner exchanges. We’ve identified that these users’ API keys were accessed through a variety of phishing and input-stealing methods.
We’ve engineered a new security upgrade to our API management system. This product will provide users with a more secure way to sign in and obtain API keys from partner exchanges using a cutting-edge cryptographic solution to create a fully isolated environment where the keys cannot be exported or reused. No one but you and the exchange will have access to your encrypted keys. This creates an incredibly strong security layer that will benefit the entire crypto ecosystem. We will try to make this solution free and available to all market participants.
In conjunction with the above, 3Commas is also working with select exchanges to whitelist IP addresses, which will prevent account access and API usage from outside of 3Commas.
With your help, we’re fighting back against the bad actors who attacked our users. We have a critical action you can take to assist with this. What we need you to do is delete and reissue your API keys on exchanges you’ve connected to 3Commas.
Please carefully follow the step-by-step instructions in our collection of API connection guides for each exchange:
For exchanges that offer Fast Connect, we strongly recommend utilizing that feature for enhanced security. We are working with multiple exchanges to bring you this service. Here are the partner exchanges that will feature Fast Connect.
- Binance (excludes Binance.US)
- Deribit
- OKX (QA stage)
We’re putting in a lot of work to increase security, but it also requires you to be vigilant and follow our security checklist. Always keep your account credentials and API keys safe and confidential, as well as delete unused API keys. Keep your notifications set up to tell you of new trades and immediately report any suspicious activity.
Thank you for your cooperation
3Commas Security Team
