There has been yet another security breach in the blockchain world. This time the victim is the popular ATM manufacturer General Bytes.
The Security Breach that Occurred at General Bytes
According to the Bitcoin ATM maker, someone hacked into the system and ran a Java application. Installing the Java application on General Bytes' system gave the hacker access to users' data and credentials.
The access also allowed the hacker to transfer funds from the virtual currency wallets, commonly known as hot wallets.
Such fraudulent activities compromise user information and put their funds and investments at risk.
As a result of this mishap, the manufacturer has suspended the services it offers to customers over the internet.
Owing to the security vulnerability, and in order to avoid further breaches, the cloud services have been closed. The hacker was able to obtain sensitive data including private keys, passcodes, and access to hot wallets.
General Bytes is a manufacturer of Bitcoin ATMs and is presently located in Prague. The company currently has to its credit 15,000 ATMs spread over 149 countries across the world.
What Did The Hacker Gain Access To?
This week, General Bytes issued a warning in which it explained the recent hacking incident.
The warning stated that, using the master service interface, the Java application was run on the manufacturer's terminals.
Karel Kyovsky, the founder of the company, delved deeper into the details and described what the hacker was able to achieve.
According to his statement, the hacker, among other things, gained access to the company's database and transferred funds from the hot wallets.
The hacker is now able to read and decrypt the application programming interface (API) keys, which serve as unique identifiers. API keys are used to retrieve funds from hot wallets as well as exchanges.
The attacker can also now download the names of the users and their passcodes. Moreover, the terminal event logs are also accessible to the hacker, allowing him to scan them for any private key scanned at the ATM.
As per the announcement, not only the cloud service of General Bytes but also the standalone servers operated by other companies were compromised.
According to Kyovsky, the company has been carrying out security audits since 2021. However, in spite of several security audits, the manufacturer failed to detect this particular vulnerability.
Hot Wallets Compromised
The ATM manufacturer acknowledged that the attacker was able to transfer funds from the hot wallets; however, it did not reveal the amount.
In essence, the company remains silent on the exact amount of cryptocurrency that was appropriated due to the security breach.
Despite not disclosing the total amount of cryptocurrency stolen, it did provide details about forty-one wallet addresses that were involved in the breach.
According to on-chain statistics, several transactions were made into one of the wallets, with a resulting balance of 56 Bitcoin.
This sum alone amounts to more than $1.54 million, going by the current value of Bitcoin. A different digital wallet displays several transactions for another crypto token, namely Ether, which collectively amount to 21.82 ETH.
At the current market value of Ether, this is worth approximately $36,000. A few news platforms tried to confirm this with the company itself; however, it did not respond to these claims.
General Bytes Cautions BTC ATM Operators
The company has issued an urgent recommendation for Bitcoin ATM operators to set up their own independent servers.
It has also released two updates for its Crypto Application Server (CAS), which is responsible for overseeing the operation of the ATM.
Kyovsky wrote a message advising operators to ensure that their CAS is protected by a firewall and VPN. According to the message, terminals should also connect to the CAS using a VPN.
He also suggested that all user passwords and API keys linked to exchanges and wallets should be considered compromised. This was followed by advice to invalidate those and replace them with new keys and passwords.
General Bytes also had its system compromised in September of last year, in an incident that allowed hackers to modify the settings.