I just got an email from CoinCube (https://coincube.io/), a company that trades crypto for you using their market analyzing algorithms, that they were hacked and the API keys that their customers have were exploited. Fortunately, I only signed up to get alerted when their beta access is available so they don't actually have the API keys for the exchanges that I use.
But doesn't companies like CoinCube always say "You control your funds" and "We reject API keys that will allow us to withdraw from your accounts"? They do, but that didn't stop the thief from making limit trades with those API keys at a price very close to 0!
I commend CoinCube for explaining how the thief was able to exploit the API keys, but this confirms my stance that you shouldn't give your exchange API keys to anyone, even if it doesn't have the withdrawal capabilities. For me, I'm sticking with Gekko for now (https://github.com/askmike/gekko), an open-source trading bot. My API keys never leave my computer and it is open source, so anyone can look at the code to confirm it is not stealing your API keys.
Below is a screenshot of the email from CoinCube
This post received a free Upvote. Get your free Upvote NOW! Just follow @upvoteforfree
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
I have yet to dive in to the world of trading bots, whilst I can see the benefits of having one doing trades when youre not online, I still love the thrill of trading. Then again, I swing trade over longer periods as opposed to day trading. I guess you could say I prefer to still have control over my funds/trades, automation can be a double-edged sword especially if one doesn't take the necessary precautions to mitigate risks.
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit