General Bytes, a leading manufacturer of Bitcoin ATMs, has shut down its cloud service after a hacker identified a security vulnerability in the system. The hacker was able to read and decrypt API keys, which allowed them to access funds on exchanges and hot wallets. The company has issued a high severity security incident warning and patch on its Confluence page, urging customers to take immediate action to protect their funds and personal information.
How the Attack Happened

The hacker was able to upload their own Java application and run it remotely using the master service interface, which is used in Bitcoin ATMs to upload videos to the server. This compromised both General Bytes’ cloud service and standalone servers. The company is now closing down its cloud service, stating that it is impossible to secure a system granting access to multiple operators where some of them may be bad actors.
Steps to Implement Security Fix

The company has published steps to implement the security fix, and will provide support to customers to transition from the cloud service to running their own standalone servers. It has also stated that in multiple audits conducted since 2021, this vulnerability was not identified.
$1.5 Million of Bitcoin Stolen

The security post also listed the crypto addresses and APIs used by the attacker. On-chain analysis shows a balance of 56 Bitcoin (approximately $1.5 million) in the Bitcoin wallet linked to the attacker. This is not the first time General Bytes has experienced an attack. In August of last year, a hacker was able to steal funds from customers making deposits at its Bitcoin ATMs.
General Bytes’ Response

The company has not yet responded to requests for comment on the incident. General Bytes’ website states that it has sold over 15,000 machines in over 140 countries. This incident highlights the importance of maintaining strong security measures, especially in the crypto industry where the potential for attacks is high. Companies must take proactive steps to identify and address vulnerabilities to protect their customers and their assets.