BREAKING: Largest Crypto ATM Maker Hacked Due to Security Issue – Over $1.5 Bitcoin (BTC) Stolen
- General Bytes, a leading manufacturer of cryptocurrency ATMs reported that it was recently hacked.
- The firm tracked that the hacker involved allegedly made off with $1.5 million worth of Bitcoin (BTC).
The previous week saw a handful of traditional banks take a massive hit in the US. This time around, crypto seems to have been hit by its own fair share of pushbacks, as a leading global cryptocurrency ATM maker was recently exploited by hackers.
General Bytes, one of the world’s leading manufacturers of cryptocurrency automated teller machines (ATMs) experienced a security breach on March 17 and 18.
The hacker went on to liquidate 56.28 Bitcoins, which were valued at a staggering $1.5 million at the time of the attack. The stolen Bitcoins were taken from cryptocurrency ATM operators in the United States. The number of affected operators is between 15 and 20. A significant number of ATM operators in the country were forced to close down for a short time.
On March 28, a day after the incident, the company took to Twitter to inform the public about the incident. The firm notified that a statement has been released informing customers to ensure that their personal information as well as their funds are safe.
“17.-18. In March 2023, GENERAL BYTES experienced a security incident. We issued a statement urging customers to take immediate action to protect their personal information. We encourage all our customers to take immediate steps to protect their money and personal information and read the security bulletin carefully.” The company wrote that in a tweet.
17.–18. In March 2023, GENERAL BYTES experienced a security incident.
We have issued a statement urging customers to take immediate action to protect their personal information.
We urge all our customers to take immediate action to protect their funds and https://t.co/g5FGqvqZQ7
— GENERAL BYTES (@generalbytes) March 18, 2023
General Bytes describes how customers can detect a server breach
In the bulletin, the company explained that the attacker succeeded in uploading his own Java application remotely. This was done using the main service interface typically used by terminals to upload and run videos with batm user rights.
This would later result in gaining access to certain information that would otherwise be private. The hacker gained access to the database. The data was also able to read and decrypt API keys commonly used to access funds in hot wallets and exchanges.
In addition, the hacker can send funds from hot wallets, as well as download usernames, password hashes and turn off their two-factor authentication. The hacker was also able to access terminal event logs and scan for any instance where customers canned private key at the ATM. The bulletin also outlined the steps users could take to find out if your server was breached.
No spam, no lies, just insight. You can unsubscribe at any time.
“Examine your master.log and admin.log files and look for gaps of time where your server did not log anything. Usually you will only see one day of events. The attacker deleted these logs to hide his activity. This is a certain indicator on attack.” The bulletin explained.
Crypto News Flash does not endorse and is not responsible or liable for any content, accuracy, quality, advertising, products or other material on this site. Readers should do their own research before taking any action related to cryptocurrencies. Crypto News Flash is not responsible, directly or indirectly, for any damage or loss caused or alleged to be caused by or in connection with the use of or reliance on any content, goods or services mentioned.