Explained: Binance’s beef with crypto trader CoinMamba

Listen to this article.

How far can a digital asset exchange go to shut down somebody’s account? As famous trader CoinMamba discovered, a centralized exchange like Binance can close accounts for the same vague, hand-wavy reason as any other financial institution — especially when its account owner threatens to create social media drama.

This week, Binance placed an account belonging to an influential trader who goes by the name ‘CoinMamba’ in withdraw-only mode after he claimed to have been a victim of an exploit of his account’s API key.

Specifically, CoinMamba has accused Binance of refusing to help recover the funds he lost to the exploit as early as December 6.

For context, most centralized crypto exchanges allow owners to create an API key that allows them to authorize trades through third-party applications. These secret keys are basically login credentials that allow traders to access their accounts and execute trades. A typical API key for a customer of a centralized exchange can execute an order of limitless size.

The exploit in question occurred after CoinMamba shared his API key with a trading bot provider called 3Comma. CoinMamba then claims that Binance restricted his account after he tweeted about a problem with 3Comma, that prevented him from taking advantage of market conditions to minimize losses incurred by 3Comma’s trading decisions.

Binance says it placed CoinMamba’s account into withdraw-only mode after the account holder posted threats in its customer service chat — and appears to have screenshots of the conversation to prove it.

It appears you are still confused in regard to the reason your account was put into withdrawal-only mode. @CoinMamba, here is a screenshot of your conversation with our CS agent. pic.twitter.com/Na2MagN6Dy
— Binance (@binance) December 12, 2022

Binance brings the receipts.

Soon afterward, Binance gave CoinMamba 72 hours to withdraw assets before the company intended to close the account. He managed to withdraw the funds, as requested. CoinMamba then said he would audition new exchanges for better service.

CoinMamba and Binance disagree over next steps

With the account closed and de-funded, Binance suggests that CoinMamba report the alleged hack and nefarious trades to law enforcement. The exchange would assist law enforcement to investigate hacks. However, CoinMamba did not seem to file an official report, opting instead to blame Binance for the incident.

Your account was placed into withdrawal only mode. The decision was in response to threats you made to our CS, not related to our Twitter dialogue. We pulled together a team of over 20 case agents to try and help you. We are sorry it has come to this, but wish you all the best. pic.twitter.com/lTkKy2WnJS
— Binance Customer Support (@BinanceHelpDesk) December 9, 2022

Binance again clarifies with real evidence.

CoinMamba claims that his recent tweets were a factor in the suspension. However, another influential Twitter account using the alias FatManTerra accused CoinMamba of threatening to take the case to Twitter if Binance did not provide compensation for a scam by a third party. According to FatManTerra, Binance couldn’t compensate every victim who claimed to be a victim of a hack or scam.

After seeing the latest actions of Binance I’m seriously worried about my safety. Not sure how far they would actually go. They can doxx my identity and home address too..
— CoinMamba (@coinmamba) December 12, 2022

CoinMamba melodrama.

Binance CEO Changpeng Zhao (CZ) confirmed that Binance could investigate, but he didn’t see it as a matter of providing compensation. According to CZ, an API key provided by 3Comma and used by CoinMamba may have caused the problem. He says he can block 3Comma’s API keys if CoinMamba cannot prevent the keys from getting leaked.

We just discussed this internally. We may block all 3Comma access if they don’t have good ways to fix API key leaks in their side.
— CZ 🔶 Binance (@cz_binance) December 9, 2022

CZ to the rescue.

According to CZ, traders can lose or “steal” their API keys. He said the exchange does not, as a matter of policy, pay for losses due to a misplaced API key. Binance documentation clearly states the risks of creating any API key.

In a previous tweet, CZ noted unusual trading activity after users shared their API keys with a third party. He recommended deleting the API keys altogether.

We seen at least 3 cases of users who shared their API key with 3rd party platforms (Skyrex and 3commas), and seen unexpected trading on their accounts. If you used such a platform before, I highly recommend you to delete your API keys just to be safe. 🙏
— CZ 🔶 Binance (@cz_binance) November 14, 2022

CZ continues to be personally involved in the minutiae.

3Comma provides trading bots that traders can use on digital asset exchanges like Binance. For its part, 3Comma CEO Yuriy Sorokin claimed that CoinMamba’s keys were not leaked due to an error by 3Comma and recommended contacting law enforcement about the problem.

He also called CoinMamba’s case a strange one. He says CoinMamba claimed that he was using the spot API, but whoever allegedly hacked his Binance account had transferred funds to a futures/margin account and was, instead, making trades on these non-spot markets.

@cz_binance the keys are not leaking from our side. We push users to use fast connect with Binance and work with your team closely. The majority of the users disappear after our support tries to reach out to them. We push everyone to reach out to local police and file claims.
— Yuriy Sorokin (@YS_3Commas) December 9, 2022

3Commas also swears it’s not its fault.

CoinMamba expressed concern that Binance has his personal information through its KYC/AML procedures and could theoretically dox him. At least one person who claimed to be a former corporate lawyer did not buy that Binance would be so cavalier as to dox CoinMamba over the dispute.

Moreover, another Twitter user opined that publicizing CoinMamba’s private details would be illegal. However, posting a screenshot of a snippet of a chat with customer service staff without identifying information was perfectly legal.

as long as they don't make your private data public they're not actually doing anything illegal. Making a conversation public without this private data is not illegal (in Europe). But a company should not do this without consent. It's a fine line to walk.
— Mitozo (@HMitozo) December 12, 2022

Mamba has decided to stop the drama

Despite initially following through on his threat to make details of their dispute public, CoinMamba has apparently simmered down a little and looks to have realized that picking a fight with the world’s largest crypto exchange is probably not going to get him anywhere.

In a tweet posted early Wednesday morning, the trader revealed that, after speaking with close friends, he’s decided to “stop the drama with Binance” and move on.

“I still don’t agree with how they handled this situation but I could’ve acted in a different way as well,” he wrote.

“It was just frustrating to lose a significant amount due to an exploit and emotions took over. Another lesson for me I guess.”

He also revealed that he’s opened an account on another exchange and will continue his trading there.

For more informed news, follow us on Twitter and Google News or listen to our investigative podcast Innovated: Blockchain City.