After the recent suspicious hack of the FTX exchange, Binance users with a large portfolio on the exchange reported that someone got access to his account and placed a massive order on AXS token, buying $1 million worth of the digital assets. However, Binance is not to blame.
In a Twitter thread, the CEO of the exchange himself posted his concern about the situation and stated that Binance is trying to understand what might be the issue. Shortly after, CZ came up with an explanation, confirmed by the user, who almost lost his funds.
Carlos confirmed the unrecognized orders were due to his API key leakage. He only has one active API key and it was used on Skyrex, a crypto trading bot platform. We will try to disable all API keys that was used by Skyrex, figuring out how to identify them now. https://t.co/cOANWOyAou
— CZ 🔶 Binance (@cz_binance) November 14, 2022Crypto Market Review: Will Bitcoin Hold $90,000 Over the Weekend? Don't Write XRP off Here, Ethereum (ETH) $3,000+ Surge PlausibleBNY Taps Ripple Prime to Pioneer Programmable Cash for Big InvestorsMorning Crypto Report: XRP Risks Becoming $2 Stablecoin, Coinbase Reveals 4 Proofs of Crypto Reset, '$10,000 Zcash' Advocate Ends Speculation on ZEC Developers' ScandalRipple-Backed Evernorth to Expand XRPL Adoption
The root of the problem is Binance's API key used for placing orders via various accounts, managing solutions like trading bots or platforms that have more advantages compared to the traditional trading desk.
The Skyrex crypto trading bot was the solution used by the Binance user who had to close an unwanted position of AXS. However, the API leak might not be tied to the project but to the user himself, who could have accidentally leaked it. If Skyrex is the source of the leak, users should immediately revoke APIs through their account setting on Binance to avoid potential issues with their accounts.
According to CZ's statement, they will disable all API keys used by Skyrex even without action from their users to avoid the further aggravation of the leak. Reportedly, only one account became a victim of hackers, but it is not clear whether they gained access to the funds of other prominent users or not.
At press time, the token purchased by hackers has returned to its usual trading range regardless of the massive 171% spike.
Caroline Amosun
Denys Serhiichuk
Vladislav Sopov
Tomiwabold Olajide