SNEAK PEEK
- A Binance user reported that someone hacked into his crypto trading account.
- A suspicious order was made on AXS token worth $1 million worth of digital assets.
- Binance’s API key used for placing orders via accounts is the major problem.
A suspicious hack of the FTX exchange was witnessed globally when a Binance user reported that someone has hacked into his account and further placed a huge order of $1 million worth of digital assets using AXS tokens. Sources now say that Binance is nowhere to be blamed for this fiasco.
Anyone wondering why #AXS is pumping. Someone, somehow bought a million dollars worth on my @cz_binance @binance account. I have multiple security levels, nobody accessed my account…
— CarlosOMFGTv (0%) (@CarlosOMFG) November 13, 2022
WTF!?
I just got REKT. pic.twitter.com/iGOocFZynU
The CEO of the exchange shared his concern on Twitter recently about this grand heist and further stated that Binance is working on figuring out the real issue behind the fiasco. Thereafter, CZ also gave an explanation further confirming the news of a Binance user who came pretty close to losing his funds.
Carlos confirmed the unrecognized orders were due to his API key leakage. He only has one active API key and it was used on Skyrex, a crypto trading bot platform. We will try to disable all API keys that was used by Skyrex, figuring out how to identify them now. https://t.co/cOANWOyAou
— CZ 🔶 Binance (@cz_binance) November 14, 2022
Binance’s API keys that are used for placing orders through a whole lot of accounts, and handling solutions such as trading platforms that have more pros than compared to the traditional way of trading desks — may have been the main problem.
The Binance user employed the Skyrex crypto trading bot as a solution to close the unwanted position of AXS. It seems that the API leak may not be related to the project but to the user himself, who may have leaked it, accidentally. If in case Skyrex turns out to be the biggest source of the leak, then the users should avoid these issues with their accounts by instantly revoking APIs on Binance and making changes to their account settings.