A trader had his Binance account hacked, following a leak of API keys on the trading service he was using. The criminal(s) then used the victim’s account to manipulate the price of the AXS token, which recorded a 200% increase in a few minutes.
API keys leaked and a trader had his account hacked
Sunday afternoon, a trader had the bad surprise to see unwanted positions taken on his Binance account. The hack actually involves a data leak of the victim’s API keys, allowing him to link his Binance account to the trading service he was using:
Anyone wondering why #AXS is pumping. Someone, somehow bought a million dollars worth on my @cz_binance @binance account. I have multiple security levels, nobody accessed my account…
WTF!?
I just got REKT. pic.twitter.com/iGOocFZynU
— CarlosOMFGTv (0%) (@CarlosOMFG) November 13, 2022
The hacker thus opened multiple positions in order to manipulate the price of the AXS, the token of the Axie Infinity blockchain game. The price of the asset then recorded 200% progress in the space of a few minutes before collapsing afterwards and almost returning to its original level:
Figure 1 – AXS price in minutes at the time of the trade
The victim also explains that she would have lost around $100,000 following this attack. It’s a safe bet that the hackers had accumulated AXS beforehand, in order to sell it following their market manipulation.
👉 To go further – Find our guide on best practices to limit the risk of hack
The French unicorn of crypto wallets 🔒
A complete crypto experience, from buying to securing
Binance takes on the case
If the victim’s funds were on Binance, it is important to point out that the security breach is not attributable to the platform.
Changpeng Zhao (CZ), the CEO of the exchange, clarified that there would be at least three similar casesincluding the one discussed in this article:
We seen at least 3 cases of users who shared their API key with 3rd party platforms (Skyrex and 3commas), and seen unexpected trading on their accounts. If you used such a platform before, I highly recommend you to delete your API keys just to be safe. 🙏
— CZ 🔶 Binance (@cz_binance) November 14, 2022
The leaks concern people using the services of Skyrex and 3commas trading bots. CZ also indicated that Binance will investigate further:
“Carlos (the victim, editor’s note) confirmed that the unknown orders were due to a leak in his API key. It only has one active API key and it was used on Skyrex, a crypto trading bot platform. We will try to deactivate all the API keys used by Skyrex, finding out how to identify them now. »
API connections in the crypto ecosystem
API connections are useful for several scenarios in our ecosystem. For example, reading only our accounts on centralized platforms will be useful for solutions like Waltio, allowing us to centralize our transaction history in order to facilitate our tax declaration.
But further use allows for example to give permissions to trading bots or trading terminals, so that you can interact remotely with an exchange. In this case, it is necessary to precisely define the authorizations that you wish to grant to this connection:
Figure 2 – Setting up an API key on Binance
A point of failure may then be in the third-party service to which we have provided this connectionand this is what seems to have taken place in the case previously exposed.
As with any project, these services must therefore also be subject to an in-depth analysis before granting them access to our investments, in order to guard against certain disappointments.
👉 Also in the news – FTX case – Binance offers an emergency fund for the entire crypto ecosystem
Join Experts and a Premium Community
PRO
Invest in your crypto knowledge for the next bullrun
Source: Binance, TradingView
Newsletter 🍞
Receive a summary of crypto news every Monday by email 👌
What you need to know about affiliate links. This page presents assets, products or services relating to investments. Some links in this article are affiliated. This means that if you buy a product or register on a site from this article, our partner pays us a commission. This allows us to continue to offer you original and useful content. There is no impact on you and you can even get a bonus by using our links.
Investments in cryptocurrencies are risky. Cryptoast is not responsible for the quality of the products or services presented on this page and could not be held responsible, directly or indirectly, for any damage or loss caused following the use of a good or service highlighted in this article. Investments related to crypto-assets are risky by nature, readers should do their own research before taking any action and only invest within the limits of their financial capabilities. This article does not constitute investment advice.