Security breach forces major Bitcoin ATM manufacturer to shut down its cloud services.
On March 18th, General Bytes shared a statement revealing that hackers managed to exploit a security vulnerability that allowed them to remotely access sensitive information about users’ hot wallets, including private keys and passwords.
The statement explained that the attacker remotely uploaded their Java applications through the master service interface and used batm user privileges to run them.
According to the announcement, during the attack, malicious actors managed to:
Access the database; read and decrypt API keys used to access funds in hot wallets and exchanges; access terminal event logs and scan for any instance where customers scanned a private key at the ATM; send funds from hot wallets; download user names and their password hashes; and turn off 2FA.
The attacker reportedly used 41 addresses to execute the attack. The company also acknowledged that the attacker managed to transfer funds from the targeted hot wallets. However, it did not disclose the total amount of stolen funds.
General Bytes identified that the attack exploited a vulnerability that has existed in the company’s product since version 20210401. This vulnerability went undiscovered despite “multiple security audits since 2021.”
Regarding the matter, the Bitcoin ATM manufacturer promised to conduct multiple independent security audits to help identify any vulnerabilities in its products.
General Bytes has reacted to the incident by shutting down its services and urging Bitcoin ATM operators to install two patch releases that fix the vulnerability.
It is theoretically (and practically) impossible to secure a system granting access to multiple operators at the same time where some of them are bad actors.
The company’s servers experienced a zero-day attack in August 2022, where hackers penetrated the system and seized the administrator privileges that enabled them to transfer funds.
General Bytes is the largest Bitcoin ATM manufacturer based in Prague, Czech Republic. It has sold over 15,000 Bitcoin ATMs to clients in more than 149 countries globally.