In a recent incident, Paradex acted quickly to revoke access for a third-party trading bot following a breach of Mithril“s internal systems. Approximately 57 user subkeys connected to Mithril trading bots were compromised, prompting the exchange to implement immediate safeguards.
Paradex confirmed that the compromised subkeys were limited-permission keys primarily used by automated trading bots. These keys allow for trading activities but do not permit fund withdrawals. Consequently, Paradex assured users that no funds were withdrawn during the breach.
The breach was traced back to vulnerabilities within Mithril”s infrastructure, rather than Paradex“s core systems. The exchange emphasized that they have no control over how third-party services manage the security of these subkeys. Only accounts that had authorized Mithril”s trading capabilities were affected, meaning users who did not engage with the bot remained secure.
In response to the situation, Paradex took several rapid containment measures. All affected subkeys were promptly revoked, and XP transfers were temporarily halted as a precautionary measure. The exchange anticipates resuming normal operations shortly.
This incident serves as a stark reminder of the risks associated with using third-party trading tools. Paradex advised users to carefully consider the permissions they grant to external services, as the integrity of user accounts can hinge on these trust decisions.
The bot breach comes on the heels of another operational setback for Paradex, which recently faced scrutiny due to a database maintenance error that briefly displayed Bitcoin trading at zero, leading to forced liquidations and a rare rollback of the blockchain. Although the exchange refunded $650,000 to the affected users and restored trading, these issues have raised concerns regarding operational risks on decentralized exchanges.
Despite these challenges, trading volume on Paradex remains substantial, with the platform reportedly facilitating around $1.6 billion in daily transactions. The open interest stands near $647 million, with approximately $221 million currently locked in the platform, indicating that traders have not abandoned the exchange.
For users, this incident highlights the critical importance of vigilance in the crypto space. While core trading systems may be reliable, third-party integrations can introduce vulnerabilities. Paradex has reiterated the need for caution when granting permissions for automated trading.
