General Bytes, a Bitcoin ATM maker, has issued a high-severity security incident warning after a hacker uploaded their own Java application onto the ATMs, enabling them to access API keys and funds on exchanges and hot wallets.
The attacker gained access to the database, downloaded user names and passwords, disabled two-factor authentication, and scanned terminal event logs for instances when customers scanned private keys, the company said:
"We urge all our customers to take immediate action to protect their funds and personal information and carefully read the security bulletin listed here."
How did it happen?
The hacker was able to mount the attack by uploading their own Java application and running it remotely, using the master service interface, which is used in bitcoin ATMs to upload videos to the server, the company said.
Both General Bytes' cloud service and standalone servers were compromised and as a result the company is closing down its cloud service.
"It is theoretically (and practically) impossible to secure a system granting access to multiple operators at the same time where some of them are bad actors," said the company in the post, adding that it would provide support to customers to transition from the cloud service to running their own standalone servers.
The company published steps to implement the security fix. It also said that multiple audits completed since 2021 had not identified this vulnerability.
$1.5 million of bitcoin stolen
The security post also listed the crypto addresses and APIs used by the attacker. On-chain analysis shows a balance of 56 bitcoin ($1.5 million) in the bitcoin wallet linked to the attacker.
This isn't the first time General Bytes has experienced an attack. In August of last year, a hacker was able to steal funds from customers making deposits at its bitcoin ATMs. In that case, the hacker modified the crypto settings of two-way machines with their wallet settings and the invalid payment address setting.
General Bytes' website states that it has sold more than 15,000 machines in over 140 countries.
The company didn't immediately respond to a request for comment.
