General Bytes shares a detailed report about a recent hack.
General Bytes, a manufacturer of Bitcoin ATMs, has announced plans to compensate customers who lost funds in a cyberattack, in addition to implementing new security measures.
According to an incident report by the Prague-based ATM maker, the attacker deployed a zero-day exploit and transferred customers’ crypto from their hot wallets.
Did you know?
Want to get smarter & wealthier with crypto?
Subscribe - We publish new crypto explainer videos every week!
What is Blockchain? (Animated Examples + Explanation)
The attacker reportedly used a Java application that allowed the malicious actor to access sensitive information, such as user passwords and private keys. In response to this breach, General Bytes shut down its cloud service.
Data from Blockchair indicates that the hacker made away with over 56 Bitcoins (BTC), valued at $1.5 million as of March 28th. At the time of writing, all BTC had been moved from the wallet address used for the breach. The attacker also used dozens of crypto wallets to steal other cryptocurrencies from compromised wallets, including 21.82 Ether (ETH).
Besides customer refunds, General Bytes has called on users to migrate their infrastructure to self-hosted server installations secured by VPNs. The ATM maker highlighted that there had been minimal impact on infrastructure running on such installations.
Upon identifying the breach on March 18th, the Bitcoin ATM manufacturer alerted its customers to act and protect their data. The company stated:
The entire team … is continuously working to resolve all cases to help clients back online and continue to operate their ATMs as soon as possible.
General Bytes notes that the vulnerability had remained undiscovered since 2021 and that it will conduct multiple independent security audits to enhance its safety.
