Bitcoin ATM maker General Bytes has announced the discovery of what it calls a "security vulnerability" that an attacker exploited to access users’ hot wallets and gain sensitive information.
As a result, General Bytes shuttered its cloud services.
On March 18, the ATM manufacturer issued a warning that a hacker had been able to upload a Java application into its terminals via the master service interface and run it.
According to General Bytes founder Karel Kyovsky, the hacker was able to access the database; read and decrypt API keys used to access funds in hot wallets and exchanges; send funds from hot wallets; download user names and their password hashes and turn off 2FA; and access terminal event logs and scan for any instance where customers scanned a private key at the ATM.
The March 18 warning states that both General Bytes’ cloud service and other operators’ standalone servers were breached.
The company did not disclose how much was stolen as a result of the breach but released the details of 41 wallet addresses that were used in the attack.
On-chain data shows multiple transactions into one of the wallets, resulting in a total balance of 56 BTC, worth over $1.54 million at current prices.
Another wallet shows multiple Ether (ETH) transactions, with the total received amounting to 21.82 ETH, worth roughly $36,000 at current prices.
General Bytes is based in Prague and according to its website has sold over 15,000 Bitcoin (BTC) ATMs to purchasers in over 149 countries all over the world.