Security Incident: Trading Bot Vulnerability Exposes User Access
Paradex has issued an urgent alert after a third-party trading bot was compromised due to a breach in its internal system. Approximately 57 users had their sub-keys exposed, which, while not allowing direct fund withdrawals, could be used to execute trades on their behalf.
Immediate Response to Contain Threat
Upon detection, Paradex swiftly paused all XP token transfers and revoked the compromised sub-keys linked to the bot. This proactive measure aims to block any unauthorized trading activity and protect user assets from potential misuse.
Limited Impact Confirmed
The incident affects only those who previously authorized the specific trading bot. Accounts that never connected to the service remain unaffected. The team advises users to routinely audit connected applications and remove access for unused tools.
Security Best Practices for Users
As automated trading grows in popularity, so do the associated risks. Paradex urges users to remain vigilant when granting access to external platforms, ensuring permissions are limited to trusted services only.
- Regularly review active app authorizations
- Grant minimal necessary permissions
- Contact support immediately if suspicious activity is detected