On March 17 and 18, General Bytes, the largest cryptocurrency automated teller machine (ATM) manufacturer, suffered a security breach that allowed a hacker to access the master service interface and liquidate 56.28 bitcoins, worth approximately $1.5 million, from 15 to 20 crypto ATM operators in the US. The number of General Bytes ATMs located worldwide is 9,505. As a result of the breach, most US-based crypto ATM operators temporarily shut down. The hacker was able to remotely upload their own Java application using the master service interface, which gave them access to BATM user privileges and usernames and let them decrypt the API keys used to access funds in hot wallets. The attacker also turned off two-factor authentication, allowing them to send funds from hot wallets. General Bytes has disclosed the addresses and IP addresses used in the attack, and it is transitioning crypto ATM operators to self-hosted servers and discontinuing its cloud service.
This is not the first time that General Bytes has faced cybersecurity challenges. On August 18, 2022, the company recorded a security flaw that was exploited in a zero-day attack. During 2021, General Bytes conducted multiple security audits, none of which identified this vulnerability. According to on-chain statistics, the hacker also liquidated dozens of cryptocurrencies such as ETH, USDT, BUSD, ADA, DAI, DOGE, SHIB, and TRX. The hacker transferred some digital currencies to different locations and a fraction to the decentralized exchange (DEX) platform Uniswap. However, the bitcoin (BTC) address holding the 56.28 BTC has not moved the funds since its last transaction on March 18.
The security bulletin warned customers to take immediate action to protect their funds and personal information while the company rebuilt servers from the ground up, a process that may take a while. The breach highlights the need for strong cybersecurity measures and regular audits of the systems used for cryptocurrency operations. The breach not only resulted in a significant loss for some operators but also led to a loss of trust in the industry as a whole.
In conclusion, the hack on General Bytes, the world’s largest crypto ATM manufacturer, highlights the vulnerability of cryptocurrency enterprises to cyber threats. The stolen funds and the temporary shutdown of crypto ATMs reveal the need for heightened cybersecurity protocols across the industry. The attack on General Bytes shows the importance of conducting regular security audits to identify vulnerabilities and implement countermeasures. It is also crucial that customers secure their personal information and funds, whether using ATMs or other crypto products. Such incidents could significantly impact the industry’s reputation, particularly among those on the fence about trusting the technology.