Last Updated on March 19, 2023 by Bitfinsider
A hacker was able to install their own Java program on General Bytes’ bitcoin ATMs, allowing the attacker to read and decrypt API keys in order to access money on exchanges and hot wallets.
On March 18, the business issued a high severity security incident warning on its Confluence page. According to the business, the attacker was able to access the database, download user names and passwords, disable two-factor authentication, and scan terminal event logs for occasions when customers scanned private keys in the ATM.
“We urge all of our customers to take immediate action to protect their funds and personal information, and to carefully read the security bulletin listed here,” the company tweeted.
The attacker’s crypto addresses and APIs were also mentioned in the security post. On-chain research reveals a balance of 56 bitcoin ($1.5 million) in the attacker’s bitcoin wallet.
This is not the first time General Bytes has been attacked. A hacker was able to steal money from customers making deposits at its bitcoin ATMs in August of last year. In that instance, the hacker altered the crypto settings of two-way devices, including their wallet settings and the invalid payment address setting.
According to the General Bytes website, the company has sold over 15,000 machines in over 140 nations.
Hardware wallets are safe and secure devices that can be used offline. They keep your cryptocurrency offline, making it impossible for you to be hacked. To find out more on the leading hardware wallets, you may view our reviews here: Ledger & Trezor
Disclaimer: The views and opinions expressed by the author, or any people mentioned in this article, are for informational purposes only, and they do not constitute financial, investment, legal, tax or other advice. Investing in or trading cryptocurrency or stocks comes with a risk of financial loss.
