Hacks are not uncommon in the world of technology and cryptocurrency. We have published the mega list of top crypto exchange hacks, which shows how massive these kinds of incidents are. What makes a difference after such an incident is how the leadership team handles the impacted accounts and communicates with the world.
Today’s news is for all those users who have been using a popular trading terminal and bot application called 3Commas. It is unfortunate how 3Commas (despite being an industry leader in the category) handled the entire situation. We have reviewed 3Commas here, in case you want to refresh your memory.
In this news article, you will learn what has happened and what you can do about it.
3Commas hack – What happened?
On November 14th, 2022, Binance founder CZ tweeted that the API key from some 3rd party trading platforms like 3Commas and Skyrex has seen unexpected trading, indicating that these platforms might have been compromised.
3Commas denied such allegations and hinted that users might have been compromised using a phishing attack. They also ran a campaign to create awareness and educate users.
However, they denied any wrongdoing from their side and lashed out at users and influencers who have been blaming 3Commas for unexpected trading.
In the midst of all these, what really baffled many users is that the 3Commas bug bounty prize is only 100 USDT 🤯
Fast forward to 29th December 2022, CZ (Binance founder) again tweeted, confirming the API keys used on 3Commas are compromised.
Soon after that, 3Commas official Twitter handle, and CEO/founder also tweeted confirming the hack of 3Commas users’ API, and is applicable for all the exchanges.
What should 3Commas users do?
It is unfortunate for the loyal users of 3Commas how 3Commas handled the case. At the same time, it is equally devastating for users who have lost their money because of 3Comma’s security blunder and 3Commas consistently denying it.
As it is, 2022 was terrible due to the Luna crash and the FTX fiasco; the 3Commas hack was the last thing 100,000+ users would have wanted.
Who is impacted?
Anyone who has used the 3Commas platform for trading on any crypto exchanges supported by 3Commas is impacted. The date of their database hack is still unclear, so to be safe, if you have connected to any exchange via API on 3Commas before 29th December 2022, you should consider yourself impacted.
If you think that you have not given withdrawal permission, then also you are impacted. The hacker will not be able to withdraw funds from your exchange account, but they will trade your cryptocurrencies for small-cap coins and then dump the price of those coins to make a profit. In a nutshell, if you have used 3Commas in the past or using it, you need to take action as mentioned below.
What should you do if you have been a user of 3Commas?
- Disable/delete the API key associated with 3Commas on your exchange dashboard – Login to your crypto exchange account and delete the API key you created for 3Commas. This is the first thing you should do.
- Update the API Key – 3Commas lets you update the API key, ensuring you don’t lose access to your past data and statistics.
- Never re-use the same API Key – Ensure you never re-use an API key to connect with multiple accounts. For example, trading terminals and crypto tax software.
- Label your API key correctly – While creating your API Key, label it appropriately. This is just a matter of discipline.
3Commas alternatives – Should You Use 3Commas again?
The way 3Commas has handled the entire scenario has shaken the trust of many loyal users. I would not be surprised if you are one of them and looking for an alternative to 3Commas.
Here are some of the best 3Commas alternatives for 2023 which are not hacked:
- Bitsgap – You can read the Bitsgap to learn everything about it.
- Cryptohopper – Another OG of the crypto trading tool. The interface is not as friendly as 3Commas or Bitsgap, but something many of you might like.
- Pionex – If your purpose is grid bot trading, this could be a decent option. The only problem is they work as an exchange, so your funds have to be deposited on Pionex.
Personally, I would pick Bitsgap, which has excellent features that you will enjoy.
In the coming days, we will have more clarity on how 3Commas will improve its security infrastructure so that such incidents will never happen. For now, the impacted users are in rage, which is understandable, and hopefully, impacted users will get over this incident like other unfortunate events of 2022.