3Commas an automated trading bot development platform, revealed on October 21 that three of its users’ keys had been exploited to make unlawful transactions on the accounts of its partner exchanges.
Investigations showed that the affected users had been tricked into visiting bogus 3Commas websites, proving that the keys had not been taken from 3Commas.
A “One Time” Compensation Thing
Sam Bankman-Fried, the CEO of cryptocurrency exchange FTX, tweeted on October 24 that a number of other users had also fallen victim to phishing scams that impersonated websites like 3Commas. While FTX cannot stop criminals from fabricating websites for other cryptocurrency services, the exchange will make up to users who together lost $6 million as a “ONE TIME THING,” he claimed.
Bankman-Fried went on to say that the exchange has “a vast amount of safeguards” to stop phony sites from assaulting FTX accounts and that FTX has a team dedicated to stopping fraudulent FTX clones. Although “it took a lot of work,” he continued, “most efforts to stop phishing attacks have been effective.”
Industry-Wide War Against Phishing
Bankman-Fried noted that, in contrast to the current situation, where each organization must attempt to combat phishing attempts independently, phishing “sucks” and is something that must combated by the industry collectively.”
According to SBF, the recent phishing assaults tricked FTX and other exchange users into giving their API credentials so they could utilize the trading services on phony platforms. The assault techniques may have changed depending on the target sites, but the victims were always taken advantage of by “third-party attackers,” the author claimed.
SBF further proposed that in order to receive forgiveness, the con artist should repay $5.7 million, or 90%, of the money he stole. He continued by saying he hoped other exchanges, including Binance, whose users were impacted by the scam, will also provide restitution to the victims. But he reiterated his caution, saying that since it is not a “precedent,” FTX will not in the future payout to individuals who knowingly provide their personal information in phishing scams on external websites.
Image Courtesy of Shutterstock