Hacker gains remote access to master service interface, forcing U.S.-based crypto ATM operators to temporarily shut down.
General Bytes, the largest cryptocurrency automated teller machine (ATM) manufacturer, has experienced a security breach resulting in the liquidation of 56.28 bitcoins worth approximately $1.5 million. The breach occurred on March 17 and 18, 2023, and was caused by a hacker who gained remote access to the master service interface and sent funds from hot wallets. The attack forced a majority of U.S.-based crypto ATM operators using General Bytes machines to temporarily shut down.
Security Bulletin Urges Immediate Action
On March 18, General Bytes released a security bulletin informing customers of the attack and urging them to take immediate action to protect their funds and personal information. According to the security bulletin released by General Bytes, the hacker was able to exploit the master service interface to upload their own Java application remotely. As a result, they were able to obtain BATM user privileges and gain access to the database. The attacker was also able to read and decrypt API keys that are used to access funds in hot wallets and exchanges. In addition to this, the hacker could download usernames, gain access to password hashes, disable two-factor authentication (2FA) and transfer funds from hot wallets.
The security incident has affected numerous cryptocurrency ATMs across the globe, including thousands of machines situated in the United States. As a result of the breach, the hacker managed to liquidate approximately $1.5 million worth of 56.28 bitcoins from around 15 to 20 cryptocurrency ATM operators located across the country.
Crypto ATM Operators Forced to Shut Down
As a consequence of the breach, a vast majority of cryptocurrency ATM operators based in the United States who use General Bytes machines were compelled to halt operations temporarily. According to a cryptocurrency ATM operator based in the U.S., who spoke with Bitcoin.com News, all General Bytes machines across the country were closed down for the evening. The operator further disclosed that the servers would have to undergo a complete rebuild from scratch, which could be a time-consuming process.
Transition to Self-Hosted Servers
It is said that General Bytes is currently in the process of shifting cryptocurrency ATM operators to self-hosted servers. The company has announced in the security bulletin that it will no longer offer cloud service. Additionally, the firm stated that it had undergone several security audits since 2021, but none of them detected this security vulnerability.
Liquidation of Other Cryptocurrencies
According to on-chain statistics, the hacker siphoned 56.28 bitcoins worth approximately $1.5 million and also liquidated dozens of other cryptocurrencies such as ETH, USDT, BUSD, ADA, DAI, DOGE, SHIB, and TRX. The 56.28 BTC stored in the Bitcoin (BTC) address linked to the hacker has remained inactive since its last transaction on March 18 at 3:20 a.m. However, some of the other cryptocurrencies that the hacker liquidated were transferred to various destinations, and a portion was sent to the decentralized exchange (DEX) platform Uniswap.
Previous Security Issues
This is not the first time General Bytes has experienced security issues. The company reported a security flaw in August 2022, where an attacker leveraged a zero-day attack to create an admin user remotely. The company has conducted multiple security audits since 2021, but this vulnerability was not identified until the recent breach.
In conclusion, the recent security breach at General Bytes has resulted in the liquidation of $1.5 million worth of bitcoin and has forced a majority of U.S.-based crypto ATM operators to temporarily shut down. The incident highlights the ongoing security concerns in the cryptocurrency industry and the importance of taking proactive measures to protect funds and personal information.
Disclaimer
The information presented in this Blogpost is solely for educational and informative purposes and should not be misconstrued as investment, financial or legal advice. Cryptocurrencies are a highly unstable and speculative market and their worth is susceptible to substantial fluctuations. Therefore, it is advisable to conduct personal research and seek counsel from qualified experts before making any financial decisions.