According to Cointelegraph, crypto trading bot provider 3Commas is on heightened alert after some of its user accounts were compromised and used to place unauthorized trades. In an October 8 blog post, 3Commas co-founder and CEO Yuriy Sorokin stated that the company received reports from users about unauthorized trades on their accounts after resetting their passwords. An investigation revealed that only a few customer accounts were compromised, but 3Commas did not disclose the number of users affected.

According to 3Commas, most of the accounts with unauthorized trades had not enabled two-factor authentication (2FA). The data accessed did not include user API data or passwords. As additional security measures, the firm implemented a new approach to resetting passwords and now disables API connections after a user resets their password. It recommended that users enable two-factor authentication and regularly change their passwords.

In December 2022, 3Commas disclosed an incident from October in which user API keys had been leaked, leading to unauthorized trades on victim accounts. Sorokin and 3Commas initially denied that a breach had taken place and instead suggested that the company's customers had been phished. However, they later admitted there had been an API leak from 3Commas. Users affected by the API leak called for refunds and an apology for being gaslighted. Sorokin stated that 3Commas is improving its security to prevent or limit similar future incidents.