Major bitcoin ATM manufacturer cuts cloud service after hack 

General Bytes, a manufacturer of bitcoin ATMs, has closed down its cloud services due to the discovery of a security flaw that enabled hackers to access users’ hot wallets and acquire confidential data such as private keys and passwords.

General Bytes security breach 

The bitcoin ATM manufacturer, General Bytes, has reported that a hacker was able to install and execute a Java application in its ATMs, which gave them access to user information and the ability to transfer funds from hot wallets. 

On March 17-18th, 2023, GENERAL BYTES experienced a security incident.

We released a statement urging customers to take immediate action to protect their personal information.

We urge all our customers to take immediate action to protect their funds and https://t.co/fajc61lcwR… https://t.co/g5FGqvqZQ7

— GENERAL BYTES (@generalbytes) March 18, 2023

General Bytes, based in Prague, is a major player in the bitcoin ATM market, having sold more than 15,000 ATMs to 149 countries worldwide, according to its website.

In a patch release bulletin on March 18, the company warned that the hacker could remotely upload and run the Java application through the master service interface of the ATMs, which was aimed at stealing user information and transferring funds from hot wallets.

Karel Kyovsky, the founder of General Bytes, disclosed that a security breach has allowed a hacker to gain unauthorized access to sensitive data. The breach affected both the cloud service operated by General Bytes and standalone servers operated by other companies.

As a result of the breach, the hacker was able to access the company’s database, read and decrypt API keys that are used to access funds in hot wallets and exchanges, send funds from hot wallets, and download user names and password hashes. and disable 2FA. 

Furthermore, the hacker was able to access terminal event logs and search for instances where customers had scanned their private keys at the ATM. It is worth noting that older versions of ATM software were logging this information, which the hacker was able to exploit.

General Bytes loses crypto from hot wallets

The recent cyber attack on the company resulted in unauthorized access to its hot wallets, allowing the hacker to send funds.

Although the exact amount stolen was not disclosed, General Bytes has identified 41 wallet addresses used in the attack. On-chain data reveals that one of the wallets received multiple transactions, totaling 56 BTC, which is currently valued at over $1.54 million.

Additionally, another wallet received several ETH transactions, amounting to 21.82 ETH, worth approximately $36,000. In response to the breach, the company has urged BTC ATM operators to set up their standalone servers and released two patches for its crypto application server (CAS), which manages the ATM’s operation.