Leading Bitcoin ATM manufacturer General Bytes reportedly suffered a security breach in which BTC worth $1.5 million was stolen from several ATM outlets.
Accordingly, the firm has reportedly shut down its cloud services due to concerns over the platform’s vulnerability after the latest exploits.
The Exploit
According to a recent blog post, the firm’s founder Karen Kyovsky stated that the attacker uploaded their own Java application to General Bytes' Bitcoin ATMs. This gave them access to the firm’s API, which they decrypted to move funds from exchanges and hot wallets.
Kyovsky added that the hacker accessed the database and downloaded several usernames and passwords by disabling two-factor authentication and scanning terminal event logs for user activity on the ATM. As a result, General Bytes immediately released a statement warning users about the exploit and urging them to protect their personal information by reading the security bulletin.
On-chain data shows that an address used in the attack holds 56 BTC worth more than $1.5 million, which it received at the time of the attack. Similarly, data from Etherscan revealed that the hacker transferred nearly 21.79 ETH worth $39,043 via the Uniswap decentralized exchange.
Furthermore, the Bitcoin ATM maker added that other addresses used by the hacker during the exploits are from several top crypto networks like Dogecoin, Cardano, DAI, Shiba Inu, and XRP.
Shutting Down Cloud Service
According to General Bytes, it has closed down its cloud services following the exploits, as its main servers were compromised during the attack. In a statement, the company noted that it is impossible to maintain a system that grants access to multiple entities simultaneously when some malicious platforms are part of the network.
The company advised Bitcoin ATM operators to install their own standalone server and released two patches for its Crypto Application Server (CAS), which powers the ATM function. Moreover, General Bytes stressed that users should keep their CAS behind a firewall and VPN, with terminals connecting to the CAS via a VPN.
Kyovsky noted that operators should consider their usernames and API keys already compromised. Thus, they should invalidate them and generate new ones to ensure the safety of their funds.
General Bytes is the leading BTC ATM maker in the United States, with thousands of crypto machines in several locations across America. According to the company’s website, it has sold more than 15,000 Bitcoin ATMs to buyers in over 149 countries across the globe.
However, this is not the first time the crypto ATM firm has experienced a security breach of its machines. Last August, General Bytes reported an exploit that led to the theft of a significant amount of Bitcoin at several ATMs.
At that time, the company revealed that the attackers stole about $16,000 worth of BTC. Attacks on crypto-based systems have increased in recent months, with last year recording several exploits running into billions of dollars.