Sam Bankman-Fried, the chief executive officer of the FTX crypto exchange, is going to give around $6 million to FTX users affected by an exploit. It is not the first time Sam to give money to affected users through an exploit, as he previously did this job many times.
There was a multimillion-dollar phishing scam occurred in the FTX exchange, which also affected its users, and for this loss, Sam is remunerating to users. The users were affected by this scam through compromised 3Commas’ API, also known as Application Programming Interfaces.
On the 24th of October, Sam tweeted that he was ready to remunerate up to $6 million for FTX users affected by an exploit. He also indicated that the hackers used 3Commas’ API to make trades on the exchange.
Colin Wu, the blockchain journalist, was the first to report the incident last Friday, in which it explained that an FTX user had found their account making trades without authorization. Colin also identified that within 24 hours, three users were affected by the same hack.
The user who was affected by this hack reported Colin Wu and also to FTX. They reported that the exploit was caused by the 3Commas’ API leak. On the 23rd of October, 3Commas published a security update where it confirmed that the API keys linked to newly-created 3Commas accounts. It also confirmed that those 3Commas accounts were used to execute the unauthorized trades.
This security update from 3Commas shows that the breach did not come from 3Commas, but there is also the possibility that when users connected to websites impersonated 3Commas. The users were connected to impersonated 3Commas, which allowed hackers to commandeer their APIs to compromise their FTX accounts.
However, users who never used 3Commas were also affected by this hack, and because of that, FTX and 3Commas have disabled APIs linked to suspicious. They have also asked users to create new APIs instead of using their old ones.