Security Breach at Bitcoin ATM Maker: General Bytes Closes Cloud Service Amid Vulnerability – Here’s What Happened

Ruholamin Haqshanas

Major Bitcoin ATM manufacturer General Bytes has experienced a security breach that led to $1.5 million worth of BTC stolen from a number of its crypto ATM operators. 

In a recent blog post, General Bytes founder Karel Kyovsky said that a hacker was able to upload their own Java application onto the company’s Bitcoin ATMs, which allowed them to read and decrypt API keys to access funds on exchanges and hot wallets.

This resulted in the attacker gaining the ability to access the database, download user names and passwords, turn off two-factor authentication, and scan terminal event logs for instances when customers scanned private keys in the ATM, Kyovsky said. 

“We released a statement urging customers to take immediate action to protect their personal information,” the company explained in a Twitter post. “We urge all our customers to take immediate action to protect their funds and personal information and carefully read the security bulletin.”

Meanwhile, on-chain data shows a wallet used in the attack holds 56 BTC, worth over $1.5 million, which was received around the time of the attack. 

Etherscan data showed that the attacker also moved around 21.79 Ethereum ($39,043) through the Uniswap decentralized exchange (DEX).

General Bytes added that other wallets used by the hacker during the attack were for digital assets such as XRP, BUSD, Cardano, DAI, Dogecoin, Shiba Inu, and Tron, among others.

General Bytes Closes its Cloud Service

General Bytes announced that both its cloud service and standalone servers were compromised. As a result, the company is closing down its cloud service. It said:

“It is theoretically (and practically) impossible to secure a system granting access to multiple operators at the same time where some of them are bad actors. You’ll need to install your own Standalone server. GB support will help you migrate your data from the GB Cloud to your own Standalone server.”

The company also advised BTC ATM operators to install their own standalone server and released two patches for their Crypto Application Server (CAS), which manages the ATM’s operation.

“Please keep your CAS behind a firewall and VPN. Terminals should also connect to CAS via VPN,” Kyovsky wrote. “Additionally consider all your user’s passwords, and API keys to exchanges and hot wallets to be compromised. Please invalidate them and generate new keys & password.”

General Bytes is the largest cryptocurrency ATM manufacturer with thousands of machines located across the United States. 

According to its website, the company has sold over 15,000 Bitcoin ATMs to purchasers in over 149 countries.

Notably, this is not the first time General Bytes has experienced a breach. 

In August 2022, the company reported a hack that led to the theft of Bitcoin deposited at its ATMs. At the time, the company said around $16,000 was stolen by the hackers.