Major bitcoin ATM manufacturer cuts cloud service after hack
General Bytes, a manufacturer of bitcoin ATMs, has closed down its cloud services due to the discovery of a security flaw that enabled hackers to access users’ hot wallets and acquire confidential data such as private keys and passwords.
General Bytes security breach
The bitcoin ATM manufacturer, General Bytes, has reported that a hacker was able to install and execute a Java application in its ATMs, which gave them access to user information and the ability to transfer funds from hot wallets.
General Bytes, based in Prague, is a major player in the bitcoin ATM market, having sold more than 15,000 ATMs to 149 countries worldwide, according to its website.
In a patch release bulletin on March 18, the company warned that the hacker could remotely upload and run a Java application through the master service interface of the ATMs. The application was aimed at stealing user information and transferring funds from hot wallets.
Karel Kyovsky, the founder of General Bytes, disclosed that the security breach allowed a hacker to gain unauthorized access to sensitive data. The breach affected both the cloud service operated by General Bytes and standalone servers operated by other companies.
As a result of the breach, the hacker was able to access the company’s database, read and decrypt API keys that are used to access funds in hot wallets and exchanges, send funds from hot wallets, download user names and password hashes, and disable 2FA.
Furthermore, the hacker was able to access terminal event logs and search for instances where customers had scanned their private keys at the ATM. It is worth noting that older versions of ATM software were logging this information, which the hacker was able to exploit.
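A check an operator could run over retained terminal logs to find and redact scanned private keys, as an added example that is not from General Bytes or the original article. It assumes keys appear in Bitcoin mainnet Wallet Import Format (WIF); the log line layout, the `make_wif` helper and the sample key are constructed for illustration.

```python
import hashlib
import re

B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"
# Mainnet WIF: 51 chars starting with 5 (uncompressed) or 52 starting with K/L.
CANDIDATE = re.compile(r"\b[5KL][1-9A-HJ-NP-Za-km-z]{50,51}\b")

def _checksum(payload: bytes) -> bytes:
    return hashlib.sha256(hashlib.sha256(payload).digest()).digest()[:4]

def b58decode(s: str) -> bytes:
    n = 0
    for ch in s:
        n = n * 58 + B58.index(ch)
    pad = len(s) - len(s.lstrip("1"))
    return b"\x00" * pad + n.to_bytes((n.bit_length() + 7) // 8, "big")

def b58encode(raw: bytes) -> str:
    n = int.from_bytes(raw, "big")
    out = ""
    while n:
        n, r = divmod(n, 58)
        out = B58[r] + out
    pad = len(raw) - len(raw.lstrip(b"\x00"))
    return "1" * pad + out

def is_wif(token: str) -> bool:
    # Base58Check: 0x80 || 32-byte key || optional 0x01 || 4-byte checksum.
    raw = b58decode(token)
    if len(raw) not in (37, 38) or raw[0] != 0x80:
        return False
    if len(raw) == 38 and raw[33] != 0x01:
        return False
    return _checksum(raw[:-4]) == raw[-4:]

def redact(line: str) -> str:
    # Only tokens that pass the checksum are replaced, so look-alikes survive.
    return CANDIDATE.sub(
        lambda m: "[REDACTED-WIF]" if is_wif(m.group()) else m.group(), line)

def make_wif(key32: bytes, compressed: bool = True) -> str:
    # Helper used only to build the constructed sample below.
    payload = b"\x80" + key32 + (b"\x01" if compressed else b"")
    return b58encode(payload + _checksum(payload))

SAMPLE_KEY = bytes(range(1, 33))  # constructed key, never used on-chain
SAMPLE_LOG = [  # constructed log lines; the field names are assumptions
    f"2023-03-01T10:00:00Z terminal=T1 event=QR_SCAN data={make_wif(SAMPLE_KEY)}",
    "2023-03-01T10:00:05Z terminal=T1 event=SELL amount=0.01",
]
```

Any key the scan finds has already been exposed to whoever could read the log, so redaction is cleanup, not recovery.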
General Bytes loses crypto from hot wallets
The recent cyber attack on the company resulted in unauthorized access to its hot wallets, allowing the hacker to send funds.
Although the exact amount stolen was not disclosed, General Bytes has identified 41 wallet addresses used in the attack. On-chain data reveals that one of the wallets received multiple transactions, totaling 56 BTC, which is currently valued at over $1.54 million.
Additionally, another wallet received several ETH transactions, amounting to 21.82 ETH, worth approximately $36,000. In response to the breach, the company has urged BTC ATM operators to set up their standalone servers and released two patches for its crypto application server (CAS), which manages the ATM’s operation.