FTX Will Reimburse $6 Million to Victims of the 3Commas Phishing Attack

Published on:

Last Updated on October 24, 2022 by Bitfinsider

Sam Bankman-Fried, the Chief Executive Officer of FTX, has announced that the cryptocurrency exchange will pay out a total of $6 million to compensate users who fell victim to a phishing scam that targeted its customers. However, the CEO has vowed that this will never happen again.

At least three users of FTX have fallen victim to the scam in the past week, which gave cybercriminals the opportunity to steal millions of dollars from the victims’ accounts by making unauthorized trades. In order to gain access, the attackers took advantage of the 3Commas Application Programming Interface (API) keys that the affected FTX users had been using.

3Commas is a provider of an automated crypto trading bot that enables the buying and selling of cryptocurrencies on major exchanges such as FTX to be conducted in an automated fashion. It is considered an efficiency tool because it enables users to easily place hundreds of trades, which would otherwise require a lot of manual labor.

One FTX user reportedly discovered that his account had traded DMG tokens more than 5,000 times on October 19, which led to the theft of nearly $1.6 million worth of bitcoin, FTX tokens, ether, and other cryptocurrencies. This discovery brought the attacks to light and led to their exposure (valued at the time).

On October 22, a second user came forward and admitted that he was a victim of the FTX attack. He stated that he had lost approximately 104 bitcoin, which is equivalent to approximately $2 million at the current price. In addition to this, he asserted that he had never installed a bot using his 3Commas account.

The hackers’ scheme relied on a token known as DMG, which is the governance token of the now-defunct decentralized finance project known as DeFi Money Market (DMM). This project ceased operations on February 5 in response to inquiries from the SEC.

According to the data provided by CoinGecko, the price of DMG has decreased by almost sixty percent since the closing, but it has since recovered to $0.02; this is roughly the same level as when DMM was shut down.

It has been confirmed by 3Commas that unauthorized trades involving DMG cryptocurrency trading pairs were executed on exchange accounts using a number of API keys belonging to partner exchanges. According to what was found, the phishing attack even affected traders who had no prior experience with 3Commas.

After conducting additional research, the team discovered a number of phishing websites that pretended to be associated with 3Commas and targeted its users. Hackers had cloned the design of the website’s user interface in order to steal API keys from users who had connected their exchange accounts after clicking on a link that led them to a fake website.

3Commas has stated that it has additional suspicions that API keys were stolen from users’ accounts by malicious software and third-party browser extensions. It stated that it was highly unlikely that the security breach was caused by 3Commas’ services and that it denied any responsibility for the incident. Blockworks has contacted FTX and 3Commas to request a comment on the situation.

Bankman-Fried vented his anger over the incident in a thread he posted on Twitter. “Not only was this not FTX that was being phished, but it wasn’t even an FTX site,” the person said. And in general, we are unable to provide compensation to users who have been phished by phony versions of other businesses operating in the same space!

Bankman-Fried continued by saying that although FTX has eliminated the majority of phishing websites that pose as the exchange itself, it is unable to do the same for websites that impersonate other services.

“To be clear, phishing is almost always a case where the user voluntarily (but unknowingly) gives their account credentials to a scammer by going to a bad site or something like that,” he tweeted. “However, despite this, we take seriously our responsibility to protect customers, even from themselves.”

In this particular instance, Bankman-Fried has taken the initiative to find a way to compensate users whose accounts were compromised by the 3Commas phishing campaign; however, he has issued a strong warning that “this is a one-time thing and we will not do this going forward” in all capital letters.


Hardware wallets are safe and secure devices that can be used offline. They keep your cryptocurrency offline, making it impossible for you to be hacked. To find out more on the leading hardware wallets, you may view our reviews here: Ledger & Trezor
Disclaimer: The views and opinions expressed by the author, or any people mentioned in this article, are for informational purposes only, and they do not constitute financial, investment, legal, tax or other advice. Investing in or trading cryptocurrency or stocks comes with a risk of financial loss.

Related