Skip to content
- South Korea ordered crypto exchanges to block suspiciously shared API keys.
- Automated trading now accounts for nearly 30% of local crypto turnover.
- Upbit and Bithumb will expand API monitoring and IP restrictions.
South Korea tightened oversight of automated crypto trading after regulators raised concerns about suspicious API activity across local exchanges. The new measures arrived as authorities increased pressure on trading practices linked to possible market manipulation.
The Digital Asset Exchange Alliance, widely known as DAXA, introduced a compliance framework requiring exchanges to invalidate API keys suspected of being improperly shared between users. The policy affects major domestic platforms, including Upbit, Bithumb, Coinone, Korbit, and Gopax.
South Korea’s Financial Supervisory Service stated that automated and algorithmic trading now makes up around 30% of domestic crypto turnover. Regulators believe some traders used automated systems to influence prices through repeated order activity.
Regulators Investigate Suspected Crypto Market Manipulation
Officials stated that particular accounts were suspected of issuing substantial buy orders only to withdraw the same later, which led to fake demand indications. Regulators assume that certain traders have been selling their holdings once the price rises. The number of accounts still being investigated is yet to be disclosed by officials.
With the help of API keys, developers are able to link external software tools with the crypto exchange platform. Using these tools, they can monitor transaction details, send trade instructions, and automate other activities on behalf of investors. The wider crypto space was also witnessing tough times following the announcement.
Bitcoin dropped by over 3% in the past 24 hours, with Ether falling below 5%. Market capitalization of cryptocurrencies now stands at around $2.46 trillion. As part of the new framework, DAXA exchanges will implement stringent API monitoring systems and compulsory account verification in case of any questionable actions.
Exchange members will be required to employ the IP Safe listing system to restrict API access from only authorized IP addresses. It is still unknown what measures DAXA exchanges will take to spot API sharing. Nonetheless, it seems that they are likely to analyze odd login patterns and unusual trading frequency.
Major Crypto Exchanges Expand API Security Measures
There are several prominent exchanges that also employ such security tools. Among others, Binance, Coinbase, OKX, and Kraken offer users the ability to manage their API permissions and restrict access from certain IPs. The new round of attacks also revived the memory of some older API security threats.
In 2022, 3Commas was involved in a huge data breach affecting more than 100,000 compromised API keys belonging to Binance and KuCoin accounts. There were many other warnings about the threat posed by compromised API credentials within the crypto trading environment.
For its part, infrastructure company Sodot emphasized that a lot of API security issues are generally lumped together as plain old hacks instead of being recognized as compromised credential cases. On the other hand, former Changpeng Zhao also advised users to beware of the dangers of using API credentials.
Also Read: Ancient Bitcoin Whale Sends $203M BTC to Trading Firms, Traders Alarmed
