In a result of the yesterday's attack on skyrex.io intruders sent trading order to one account with @AxieInfinity pair. Our long-term partner and a friend @CarlosOMFG experienced a loss. Measures to prevent future accidents and compensate losses are being taken now
We made an investigation and found there were such cases in past for example 3Commas experienced the same attacks with Binance API. We carefully studied the cases to build a list of necessary improvements
All threats caused by the attack have been successfully eliminated. We work on implementing new security measures and improving our systems
We recommended to revoke and issue new API keys to ensure liquidation of risks yesterday. Currently we communicate with Binance security team to prevent future accidents. Among of our offers to them is to improve API management by adding the following settings
- Allowed trading pairs list
- Maximum order size of market orders
API trading does NOT require depositing your funds to 3rd party services thus it is the most secured, transparent and trusted mean of connecting to trading platform or bots. That is why skyrex.io uses this method and will stick to it. Trust and transparency are key factors for us. Even in case of an attack we have a possibility to react immediately and close intruders access.
We reacted seconds after the attack was made and limited losses. @CarlosOMFG lost only 5% of the trading amount he had during the attack and those losses will be easily compensated by our side once security of the service is restored.