CyberNews researchers found that crooks could abuse cryptocurrency exchange API keys and steal cryptocurrencies. More than $1,000,000 in cryptocurrency is being held in accounts that have API keys exposed on public code repositories. Cybercriminals can easily circumvent trade-only settings on the API keys to steal money from traders accounts even without obtaining account credentials or withdrawal rights. Experienced trader teams offering to clear out crypto exchange accounts by exploiting stolen API keys.”]
Source: https://securityaffairs.co/wordpress/118155/hacking/api-keys.html