3Commas Crypto Trading Bot Faces Security Concerns After Unauthorized Trades


  • 3Commas finds itself on “heightened alert” following reports of unauthorized trades.
  • An internal investigation by the company revealed that only a limited number of customer accounts had been compromised.
  • The company has introduced a new approach to resetting passwords.

In recent developments, 3Commas, a prominent provider of cryptocurrency trading bots, finds itself on “heightened alert” following reports of unauthorized trades occurring in some user accounts. The company’s co-founder and CEO, Yuriy Sorokin, acknowledged the issue in a blog post on October 8th, 2023, prompting a swift response from the platform.

3Commas unauthorized trades trigger heightened alert

Users of 3Commas reported instances of unauthorized trades in their accounts shortly after resetting their passwords. An internal investigation by the company revealed that only a limited number of customer accounts had been compromised, but the exact number of affected users was not disclosed. 

Yuriy Sorokin reassured the community that the platform’s services were running normally while emphasizing that the investigation would continue. The compromised accounts had one common vulnerability – most of them had not enabled two-factor authentication (2FA). Importantly, 3Commas stated that user API data and passwords were not accessed in this incident.

To prevent similar incidents in the future, 3Commas has taken several security measures. Notably, the company has introduced a new approach to resetting passwords, providing an additional layer of protection for users. Furthermore, 3Commas has disabled API connections after a user resets their password, bolstering security further. In light of these developments, the company strongly encourages its users to enable two-factor authentication (2FA) and to regularly change their passwords.

This is not the first time 3Commas has faced security concerns. In December 2022, the platform disclosed an incident that occurred in October of the same year. During this prior incident, user API keys were leaked, leading to unauthorized trades being executed on affected accounts. 

Initially, 3Commas denied a breach had occurred and suggested that their customers had been victims of phishing attempts. However, the company later admitted to an API leak, leaving affected users frustrated and demanding refunds and an apology for being initially misled.

Yuriy Sorokin expressed regret over the recent incident and assured users that 3Commas is committed to improving its security protocols to prevent or limit such occurrences in the future. These measures are crucial in maintaining trust within the cryptocurrency trading community, where security and transparency are of paramount importance.

Disclaimer. The information provided is not trading advice. Cryptopolitan.com holds no liability for any investments made based on the information provided on this page. We strongly recommend independent research and/or consultation with a qualified professional before making any investment decisions.

Share link:

Benson Mawira

Benson is a blockchain reporter who has delved into industry news, on-chain analysis, non-fungible tokens (NFTs), Artificial Intelligence (AI), etc.His area of expertise is the cryptocurrency markets, fundamental and technical analysis.With his insightful coverage of everything in Financial Technologies, Benson has garnered a global readership.

Most read

Loading Most Read articles...

Stay on top of crypto news, get daily updates in your inbox

Related News

Crypto hacks
Subscribe to CryptoPolitan