Major Cryptocurrency ATM Maker General Bytes Hacked, Over $1.5M in Bitcoin Stolen – Bitcoin News
General Bytes experienced a security incident on March 17 and 18 that allowed a hacker to remotely access the main service interface and send money from hot wallets, according to the company and sources. The breach forced a majority of US-based crypto automated teller machine (ATM) operators to shut down temporarily. The hacker was able to liquidate 56.28 bitcoins, worth approximately $1.5 million, from around 15 to 20 crypto ATM operators across the country.
Crypto ATM operators temporarily shut down after General Bytes security breach allows hacker to liquidate $1.5 million in Bitcoin and other cryptocurrencies
The largest cryptocurrency automated teller machine (ATM) manufacturer, General Bytes, has produced 9,505 such machines globally, with thousands located in the United States. On Saturday, March 18, the company informed the public of a serious security incident that also occurred on March 17.
“We issued a statement urging customers to take immediate steps to protect their personal information,” the company explained at 4:42 p.m. (ET) Saturday. “We encourage all our customers to take immediate steps to protect their funds and personal information and read the security bulletin carefully,” the firm added.
General Bytes’ security bulletin said the attacker was able to remotely upload his own Java application using the main service interface, which is typically used by terminals to upload videos. The attacker had access to BATM user privileges and was also able to access the database, read and decrypt API keys used to access funds in hot wallets and exchanges. In addition, the hacker was able to download usernames, access their password hashes, turn off 2FA and send money from hot wallets.
Bitcoin.com News spoke with a US-based cryptocurrency ATM operator who confirmed that all US operators using General Bytes machines were shut down across the country for the evening. The operator also mentioned that servers would have to be rebuilt from scratch, which could be a lengthy process.
General Bytes is reported to be transferring crypto ATM operators to self-hosted servers. In the security bulletin, General Bytes stated that the company is discontinuing the cloud service. Furthermore, the firm explained that it had conducted several security audits since 2021, none of which had identified this vulnerability.
According to onchain statistics, the hacker obtained 56.28 bitcoins worth approximately $1.5 million and also liquidated dozens of other cryptocurrencies such as ETH, USDT, BUSD, ADA, DAI, DOGE, SHIB and TRX. The Bitcoin (BTC) address with 56.28 BTC has not moved funds since the last transaction at 03:20 on March 18. Some digital currencies were transferred to different places and a fraction was sent to the decentralized exchange (DEX) platform Uniswap.
General Bytes has experienced problems before, reporting a security flaw on August 18, 2022. The attacker at the time exploited a zero-day vulnerability to “create an admin user remotely via the CAS administrative interface via a URL call on the page used for the default installation on server and creates the first administrative user.”
Regarding the March 17 and 18, 2023 hack, General Bytes revealed not only the addresses used in the attack, but also three IP addresses used by the attacker. The source who spoke to Bitcoin.com News on Saturday night further noted that while the firm’s system was hacked, the company runs a full node that is “locked down enough” to prevent the attacker from accessing funds.