The attacker hacked into the cloud service of the bitcoin ATM manufacturer General Bytes and the standalone servers of device operators, gaining access to personal information and funds.
On March 17-18th, 2023, GENERAL BYTES experienced a security incident.
We released a statement urging customers to take immediate action to protect their personal information.
We urge all our customers to take immediate action to protect their funds and https://t.co/fajc61lcwR… https://t.co/g5FGqvqZQ7
— GENERAL BYTES (@generalbytes) March 18, 2023
The incident took place March 17-18. The hacker was able to remotely download a Java application through a service interface used by terminals to upload video to the server. This gave him the opportunity to:
- get access to the database;
- read and decrypt API keys for accessing funds in hot wallets and exchanges;
- send funds from user addresses;
- upload names and password hashes, and disable 2FA;
- read the event log to search for clients who scanned a private key at the ATM.
“Since 2021, we have conducted several security audits and none of them found a vulnerability,” the company noted.
General Bytes has decided to shut down its cloud service. The team suggested that bitcoin ATM operators switch to standalone servers. It also strongly recommended changing all user passwords: CAS, API keys, client access. The company noted that it is advisable to use a firewall and a VPN to connect the terminal.
The developers have released patches to fix the bug that the attacker used. They also want to conduct several independent reviews of security systems in the near future.
General Bytes did not disclose the amount of possible damage or the number of affected users. The company’s specialists identified the crypto wallets the hacker used in the attack. All transactions on the bitcoin network address have taken place since March 17; at the time of writing, its balance is 56.3 BTC (~$1.58 million).
According to Coin ATM Radar, the number of General Bytes cryptocurrency ATMs installed worldwide has reached 9534 units. The figure has increased compared to the second half of 2022, when the rate at which such devices were being connected fell sharply.
Recall that in August, hackers hacked the cryptographic settings of General Bytes bitcoin ATMs and were able to transfer the deposited funds to their wallets.