March 21, 2023
Hackers stole $1.5 million from General Bytes Bitcoin ATMs by exploiting a zero-day vulnerability in its BATM management platform. They remotely uploaded a Java application via the ATM's master service interface and ran it with batm user privileges, according to a report at Bleeping Computer.
With this application, the hackers were able to access the database, decrypt the API keys used to reach funds in hot wallets and exchanges, read usernames and password hashes, and access terminal event logs recording when users scanned private keys at the ATM.
"The attacker scanned the Digital Ocean cloud hosting IP address space and identified running CAS services on ports 7741, including the General Bytes Cloud service and other GB ATM operators running their servers on Digital Ocean (our recommended cloud hosting provider)," General Bytes said in a security incident disclosure.
The company urged customers to install updates to protect their servers from these attacks. General Bytes said it is also shutting down its cloud service because it is "theoretically (and practically) impossible" to protect it from hackers.
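The disclosure above points to one concrete exposure: a CAS admin service listening on TCP 7741 reachable from the public cloud IP space. The following is an added example, not General Bytes' tooling, of the check an operator can run on a CAS host: it parses `ss -ltn` output, flags the port when it is bound to a wildcard address, and prints nftables rules that admit only a management network. The port comes from the disclosure; the `ss` sample, the `10.0.0.0/24` management CIDR and the `inet filter input` table/chain names are assumptions.

```python
"""Audit a host for a CAS admin port exposed on all interfaces.

Added example, not General Bytes' own code. Assumes the CAS listens on
TCP 7741 (the port named in the incident disclosure) and that `ss -ltn`
is available. SAMPLE_SS is constructed for offline use, not a real capture.
"""
import subprocess

CAS_PORT = 7741
WILDCARD = {"0.0.0.0", "*", "::", "[::]"}  # bound to every interface

# Constructed `ss -ltn` output: CAS on a wildcard address, Postgres and SSH beside it.
SAMPLE_SS = """\
State  Recv-Q Send-Q Local Address:Port  Peer Address:Port Process
LISTEN 0      128    0.0.0.0:7741        0.0.0.0:*
LISTEN 0      128    127.0.0.1:5432      0.0.0.0:*
LISTEN 0      128    [::]:22             [::]:*
"""


def parse_listeners(ss_output):
    """Return (address, port) for every LISTEN line; the header is skipped."""
    listeners = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 4 or fields[0] != "LISTEN":
            continue
        addr, _, port = fields[3].rpartition(":")  # handles [::]:22 too
        listeners.append((addr, int(port)))
    return listeners


def exposed_cas_listeners(ss_output, port=CAS_PORT):
    """Listeners on the CAS port that are bound to a wildcard address."""
    return [(a, p) for a, p in parse_listeners(ss_output)
            if p == port and a in WILDCARD]


def nft_restrict_rule(allowed_cidr, port=CAS_PORT):
    """nftables rules (assumed table/chain `inet filter input`) admitting only
    the operator's management CIDR to the CAS port and dropping everything else."""
    return (f"nft add rule inet filter input tcp dport {port} ip saddr {allowed_cidr} accept\n"
            f"nft add rule inet filter input tcp dport {port} drop")


def audit_live_host():
    """Run `ss -ltn` on this host; returns the exposed CAS listeners (empty if none)."""
    out = subprocess.run(["ss", "-ltn"], capture_output=True, text=True, check=True).stdout
    return exposed_cas_listeners(out)


if __name__ == "__main__":
    for addr, port in exposed_cas_listeners(SAMPLE_SS):
        print(f"CAS port {port} listens on {addr}: reachable from any interface")
        print(nft_restrict_rule("10.0.0.0/24"))  # hypothetical management network
```

The same check can be folded into a post-update verification step so that patching the CAS and closing its exposure are confirmed together.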