On March 17 and 18, a security compromise occurred at General Bytes, one of the top producers of bitcoin automated teller machines (ATMs).
Via the master service interface, the hacker remotely uploaded his own Java program, which he then ran with the BATM user's permissions. The company rated the seriousness of this breach as "highest."
The hacker then sold 56.28 Bitcoins, worth $1.5 million at the time of the attack. The stolen Bitcoins were taken from bitcoin ATM owners in the US. Some 15 to 20 operators have been affected by this security breach. The ATM operators had to briefly shut down a large percentage of their operations.
According to General Bytes, the incident allowed the attacker to transmit money from hot wallets, send money to exchanges, steal usernames and passwords, and disable two-factor authentication. It further stated that other operators' standalone servers, in addition to its cloud services, were compromised.
Operators of Crypto ATMs Momentarily Shut Down
The attacker had BATM user rights, had access to the database, and could read and decrypt the API keys needed to access funds in hot wallets and exchanges. Moreover, the hacker had access to password hashes, could retrieve usernames, disable 2FA, and send money from hot wallets.
A U.S.-based bitcoin ATM operator confirmed to Bitcoin.com News that all U.S. users of General Bytes ATMs had their machines turned off countrywide for the evening. The operator also indicated that servers would need to be rebuilt entirely, which is time-consuming.
General Bytes is reportedly moving cryptocurrency ATM operators to self-hosted servers. General Bytes announced in the security bulletin that it is ending its cloud service. The company added that despite performing numerous security audits since 2021, none of them had discovered this vulnerability.
Bitcoins worth almost $1.5 million stolen
On-chain data reveals that a wallet used in the attack holds 56 BTC, acquired close to the time of the attack and worth more than $1.5 million. According to Etherscan statistics, the attacker transferred roughly 21.79 Ethereum ($39,043) using the Uniswap decentralized exchange (DEX).
According to General Bytes, the hacker also used wallets for digital assets such as XRP, BUSD, Cardano, DAI, DogeCoin, Shiba Inu, Tron, etc. during the attack.
As of publication, the attacker's total cryptocurrency theft was unknown. A portion of the digital currency was transmitted to the decentralized exchange (DEX) platform Uniswap, and some was routed to other locations.
Conclusion
There have been such breaches at General Bytes before. The company disclosed a compromise in August 2022 that resulted in the theft of Bitcoins at ATMs. The company estimated that the hackers stole about $16,000 at the time.
General Bytes is one of the leading suppliers of Bitcoin ATMs. The company has sold more than 15,000 units in more than 149 nations.
Source: https://www.thecoinrepublic.com/2023/03/20/general-bytes-loses-1-5m-in-bitcoin-due-to-security-hitch/