The cryptocurrency trading firm offers another denial of the claim that users’ API keys were stolen and urges consumers to file a complaint with local authorities in response to the issue.
The bitcoin trading firm known as 3Commas has refuted allegations that its staff stole API keys belonging to clients, claiming that the images that have been circulating on social media are fake. The corporation has also encouraged users who have had their API keys stolen to file police reports to prevent criminals from taking their money.
Yuriy Sorokin, co-founder and CEO of 3Commas, wrote in a blog post published on December 11 that fake screenshots of Cloudflare logs are circulating on Twitter and YouTube. He claimed this was “in an attempt to convince people that there was a vulnerability within 3Commas and that we were irresponsible enough to allow open access to user data and log files.”
The claimed screenshots are intended to illustrate how the 3Commas dashboard found at Cloudflare was used to make customer API keys publicly available.
In a subsequent blog post made public on December 10, 2018, Sorokin extended an invitation to affected individuals, asking them to report the fact to the proper authorities so that their exchange accounts are suspended.”
“Because most cryptocurrency exchanges comply with Know Your Customer standards, users must provide identifying information to trade cryptocurrency or withdraw funds from their accounts.
According to the company, if users affected by the issue filed a complaint with the police, Exchanges would be allowed to share this information with the relevant authorities.
Phishing efforts were a “contributing element” in the loss of customer information, according to 3Commas, which claims to have discovered data to support this claim.