3Commas, a widely used crypto trading bot service, has denied that its employees leaked sensitive user details, after social media posts alleged that private API keys had been seen on the platform’s online Cloudflare dashboard.
In this case, API keys would let users access their exchange accounts from 3Commas’ bot service, meaning a leak could cause serious damage, especially given the amount of money at stake.
But in a blog post on Sunday, 3Commas CEO Yuriy Sorokin dismissed the story, blaming falsified evidence: “The person who created the screenshots did a nice job with an HTML editor, but they made a few key mistakes that easily prove their claims are fake.” He went on to explain the technical details of why each screenshot was inauthentic, offering screenshots and sarcastic commentary.
The controversy surrounding 3Commas began on Dec. 9, when crypto trader CoinMamba disclosed that his Binance account had been exploited through an API key he created over two years ago. CoinMamba said the API key was submitted only to 3Commas and he hasn’t used its service since.
Others echoed the claims, including “Joel,” who lost $155,000 after his account performed unauthorized trades. “Rodion Longa,” meanwhile, reported losing $450,000 worth of BUSD—the native stablecoin of Binance.
Changpeng Zhao, Binance’s CEO, said that the exchange had indeed seen multiple cases related to 3Commas where users claim that they were phished. 3Commas pushed back at these claims, saying instead that users likely had their API keys compromised in a “phishing attack.”
And 3Commas is still claiming people were just “phished” lol pic.twitter.com/Ka7HI53oAL
— ZachXBT (@zachxbt) December 8, 2022