Security breach at Bitcoin ATM maker

September 6, 2023

Introduction

Major Bitcoin ATM manufacturer General Bytes has suffered a security breach that led to the theft of $1.5 million in BTC from some of its crypto ATM operators. In a recent blog post, Karel Kyovsky, founder of General Bytes, explained that a hacker managed to upload their own Java application to the company's Bitcoin ATMs.

Consequences of the breach

The attack resulted in:

  • Access to the database
  • Downloading usernames and passwords
  • Disabling two-factor authentication
  • Scanning terminal event logs for cases where customers scanned private keys in the ATM

Actions by General Bytes

The company issued a statement urging customers to take action to protect their personal information. General Bytes also announced that both its cloud service and standalone servers had been compromised.

Closure of the Cloud Service

General Bytes has decided to shut down its cloud service and advises BTC ATM operators to install their own standalone servers. The company has released two patches for its Crypto Application Server (CAS), which manages ATM operations.

Recommendations

Kyovsky advised the following:

  • "Keep your CAS behind a firewall and VPN. Terminals should also connect to CAS via VPN."
  • "Consider all of your users' passwords and API keys to exchanges and hot wallets compromised. Void them and generate new keys and passwords."

About General Bytes

General Bytes is the largest cryptocurrency ATM manufacturer, with thousands of machines in the United States, and has sold more than 15,000 Bitcoin ATMs to buyers in more than 149 countries worldwide. This is not the first time the company has faced a breach. In August 2022, the company reported a hack that led to the theft of bitcoin from ATMs. At the time, the company said about $16,000 was stolen by the hackers.