QUICK TAKE:
Binance discovered API Keys hack on its platform
The user had stored API keys on a 3rd party bot trading platform – Skyrex
The price of AXS was pushed to a low, then spiked, and then came back to a stable level in a single day
A new type of scam is gripping the cryptocurrency industry which makes use of contra trading to steal tokens. Web3 reporter Colin Wu raised the alarm on it earlier today, even though it was first discovered by the FTX crypto exchange last week.
On November 14, the same hack was discovered on the world’s largest crypto exchange Binance. It was noticed that the price of AXS was pushed to a low of $4 USD, then spiked to nearly $20, and then back to a stable level of $7 in a single day.
Furthermore, a Twitter user named CarlosOMFGTv (0%) explained that despite going through many steps of Binance’s security verification and making sure no one had access to the account, his account was still hacked. He wrote,
Anyone wondering why #AXS is pumping. Someone, somehow bought a million dollars worth on my @cz_binance @binance account. I have multiple security levels, nobody accessed my account…
WTF!?
I just got REKT. pic.twitter.com/iGOocFZynU
— CarlosOMFGTv (0%) (@CarlosOMFG) November 13, 2022
It is worth noting that Binance quickly responded to the user’s post asking for assistance and clarifying the incident. CEO of Binance Changpeng Zhao also responded to his tweet and wrote,
Did you share your API key with Skyrex or 3commas, or some other 3rd party platform? If you did, remove those immediately. Our CS agent have spoken with you, right?
Binance CEO on API Keys Hack
Furthermore, on the morning of November 14, Binance CEO CZ stated that a third-party API caused the incident. He even advised users to ‘delete’ API keys from 3rd party platforms like Skyrex and 3commas. For the same, he tweeted,
We seen at least 3 cases of users who shared their API key with 3rd party platforms (Skyrex and 3commas), and seen unexpected trading on their accounts. If you used such a platform before, I highly recommend you to delete your API keys just to be safe. 🙏
Moreover, he even shared CarlosOMFGTv (0%) tweet and wrote,
Carlos confirmed the unrecognized orders were due to his API key leakage. He only has one active API key and it was used on Skyrex, a crypto trading bot platform. We will try to disable all API keys that was used by Skyrex, figuring out how to identify them now. https://t.co/cOANWOyAou
— CZ 🔶 Binance (@cz_binance) November 14, 2022
Notably, as per Wu, a Twitter user ‘CoinmanLabs’ discovered yesterday that there might be other cases where contra trading was used to steal coins on Binance, including AXS CVX and TVK. A tweet by Wu wrote,
Review of the whole process:3Commas API KEY ‘leak’, FTX user funds was stolen by contra trade. While focused on FTX, it also happened subsequently on Binance Coinbase.
Nonetheless, this incident appears to exacerbate the cryptocurrency industry’s “dilemma.” After the collapse of the FTX empire, many people’s confidence was already shaken. Moreover, FTX users had also suffered a very similar scam on 3commas earlier this month.