General Bytes Shuts Down Cloud Service After Major Security Breach
General Bytes, a leading bitcoin ATM manufacturer, suffered a major security breach last week in which a hacker was able to access and decrypt API keys, gaining access to funds on exchanges and hot wallets. In a high-severity security incident warning posted on its Confluence page on March 18, the company said the attacker was able to upload a Java application onto its machines and then use the master service interface to access a wide range of data, including usernames and passwords, private keys, and event logs.
Shutting Down Cloud Service
The incident affected both General Bytes’ cloud service and standalone servers, prompting the company to announce the closure of its cloud service. It advised all customers to take immediate action to protect their funds and personal information, and carefully read the security bulletin that it had posted.
In the same statement, General Bytes expressed its belief that securing a system that grants access to multiple operators simultaneously, some of whom may be bad actors, is a difficult challenge. It said it will now provide support to customers who want to transition from the cloud service to running their own standalone servers.
This isn’t the first time that General Bytes has suffered a security breach. In August of last year, a hacker stole funds from customers making deposits at the company’s bitcoin ATMs by modifying the crypto settings of two-way machines. General Bytes has sold more than 15,000 machines in over 140 countries.
$1.5 Million in Bitcoin Stolen
The security post also revealed that the hacker had stolen 56 bitcoin (approximately $1.5 million) using the crypto addresses and APIs listed in the post. On-chain analysis showed the funds were still held in the bitcoin wallet linked to the attacker. General Bytes published steps to implement the security fix and noted that, in multiple audits completed since 2021, this vulnerability had not been identified.
Source: TheBlock