Leading Cryptocurrency ATM Maker General Bytes Hacked, Over $1.5 Million in Bitcoin Stolen – Bitcoin… – Crypto News Today

Leading Cryptocurrency ATM Maker General Bytes Hacked, Over $1.5 Million in Bitcoin Stolen – Bitcoin…

General Bytes experienced a security incident on March 17-18 that allowed a hacker to remotely access the main service interface and send funds from hot wallets, according to the company and sources. The breach forced the majority of US-based crypto ATM operators to temporarily shut down. The hacker was able to liquidate 56.28 bitcoins, worth around $1.5 million, from around 15-20 crypto ATM operators nationwide.

Crypto ATM Operators Temporarily Shut Down After General Byte Security Breach Allows Hacker to Liquidate $1.5M in Bitcoin and Other Cryptocurrencies

The largest manufacturer of cryptocurrency automated teller machines (ATMs), General bytesproduced 9,505 these machines around the world, with thousands in the United States. On Saturday March 18, the company informed the public of a serious security incident which also occurred on March 17.

“We have issued a statement urging customers to take immediate action to protect their personal information,” the company explained at 4:42 p.m. (ET) Saturday. “We urge all of our customers to take immediate action to protect their funds and personal information and to read the Security Bulletin carefully,” the company added.

The number of General Bytes ATMs located around the world according to Coin ATM Radar statistics.

General bytes’ safety bulletin said the attacker was able to remotely download his own Java application using the main service interface, which is typically used by terminals to download videos. The attacker had access to BATM user privileges and could also access the database, read and decrypt API keys used to access funds in hot wallets and exchanges. Additionally, the hacker could download usernames, access their password hashes, disable 2FA, and send funds from hot wallets.

Bitcoin.com News spoke to a US-based automated teller machine (ATM) operator, who confirmed that all US operators using General Bytes machines were shut down across the country for the evening. The operator also mentioned that servers would have to be rebuilt from scratch, which can be a time-consuming process.

There are reports that General Bytes is transitioning crypto ATM operators to self-hosted servers. In the security bulletin, General Bytes said the company is shutting down its cloud service. In addition, the firm explained that it had conducted multiple security audits since 2021, and none of them had identified this vulnerability.

According to stats on the channel, the hacker siphoned off 56.28 bitcoins worth around $1.5 million and also liquidated dozens of other cryptocurrencies such as ETH, USDTBUSD, ADADAI, DOGE, SHIB, and TRX. THE bitcoin (BTC) address holding 56.28 BTC has not moved the funds since its last transaction at 3:20 a.m. on March 18. Some digital currencies were transferred to different places, and a fraction was sent to the Uniswap decentralized exchange (DEX) platform.

General Bytes has run into problems before, registration a security breach on August 18, 2022. The attacker at the time exploited a zero-day attack to “create an administrator user remotely via the CAS administration interface via a URL call on the page used to the default installation on the server and create the first administrative user.

Regarding the March 17-18, 2023 hack, General Bytes not only disclosed the addresses used in the attack, but also three IP addresses used by the attacker. The source who spoke to Bitcoin.com News on Saturday evening further noted that although their company’s system was hacked, the company operates a full node which is “locked down enough” to prevent the attacker from gaining access. to funds.

Keywords in this story

2FA, ada, API Keys, ATM, ATM Attack, ATMs Down, ATM, Bitcoin, Breach, BUSD, Cloud Service, Crypto, Crypto ATM Attack, Cryptocurrency, DAI, Doge, ETH, Exchanges, Funds, general bytes, general Bytes ATMs, General Bytes Crypto ATMs, Hack, hot wallets, IP address, java, Liquidation, national, onchain statistics, operators, Security, self-hosted servers, shib, trx, uniswap, US ATM Operators, USDT, Vulnerability, zero-day attack

What do you think of the breach that affected General Bytes? Share your thoughts on this topic in the comments section below.

Jamie Redman

Jamie Redman is the news manager for Bitcoin.com News and a fintech journalist living in Florida. Redman has been an active member of the cryptocurrency community since 2011. He is passionate about Bitcoin, open-source code, and decentralized applications. Since September 2015, Redman has written over 6,000 articles for Bitcoin.com News about disruptive protocols emerging today.

Image credits: Shutterstock, Pixabay, Wiki Commons

Disclaimer: This article is for informational purposes only. This is not a direct offer or the solicitation of an offer to buy or sell, or a recommendation or endorsement of any product, service or company. bitcoin.com does not provide investment, tax, legal or accounting advice. Neither the company nor the author is responsible, directly or indirectly, for any damage or loss caused or alleged to be caused by or in connection with the use of or reliance on any content, goods or services mentioned in this article.

Leading Cryptocurrency ATM Maker General Bytes Hacked, Over $1.5 Million in Bitcoin Stolen – Bitcoin…

Source link