South Korea tightens crypto API controls as DAXA targets shared key abuse

Source Cryptopolitan

South Korea’s Digital Asset Exchange Alliance (DAXA) introduced a new compliance standard. The crypto exchanges operating in the region will now have to invalidate API keys suspected of being improperly shared between users. This action has escalated regulatory oversight in one of the world’s most active digital asset markets.

This comes as the Financial Supervisory Service (FSS) steps up scrutiny of automated crypto trading. Regulators suggest that such trading now accounts for around 30% of domestic turnover.

The global crypto market saw a massive sell-off over the last 24 hours. Bitcoin price dropped by more than 3%, while Ether dipped by almost 5%. The cumulative crypto market cap stands at $2.46 trillion.

DAXA escalates API surveillance

According to reports, DAXA’s new framework targets emerging concerns among regulators and exchanges. One of them is the use of shared or compromised API credentials, which are being used to manipulate markets and spoof orders, and can even be used to coordinate trades across multiple accounts.

The FSS said that some traders repeatedly submitted and canceled large buy orders to create false demand signals, then sold once the price went up. However, the regulator did not disclose the number of accounts that are under investigation.

The use of API keys has been spreading through the market. The keys allow automated systems to connect directly to exchanges to access market data and then to execute orders, deposits, and withdrawals.

Under the new guidelines, DAXA member exchanges will apply harsh responses when suspicious API-sharing behavior is detected. After enhanced monitoring and user warnings, they will ask users to undergo mandatory re-authentication.

Upbit, Bithumb, Coinone, Korbit, and Gopax are regulated by DAXA. These exchanges will also deploy IP whitelisting systems that restrict API access to approved addresses. Meanwhile, the group has not yet disclosed the precise detection methodology it will use.

API abuse sparks Korea crackdown

Back in 2022, 3Commas was linked to a large-scale exposure of access tokens. Reports suggest that around 100,000 API keys were exposed, and that these keys were associated with Binance and KuCoin accounts.

Binance, Coinbase, OKX, and Kraken all support IP whitelisting and API permission management. However, DAXA’s new rules appear to move toward mandatory enforcement in some scenarios.

Security researchers have warned that API credential abuse remains one of the least publicly discussed operational risks inside crypto trading infrastructure.

Crypto infrastructure firm Sodot has noted that many API-related incidents are categorized broadly as generic hacks. They need to be disclosed as credential compromises.

Former Binance CEO Changpeng Zhao also publicly warned users during the 3Commas incident. It was evident that API credentials represented a serious risk for automated trading systems.
