Bitcoin ATM Manufacturer General Bytes Reports Highest Severity Security Breach

1 min read
Cointime Staff· 1 min read

General Bytes, a Bitcoin ATM manufacturer and software provider, has reported a security breach with a highest severity on March 18.

According to the release, the attacker was able to remotely upload his own java application using the master service interface, which was used by the terminals to upload videos and run it using batm user privileges.

The severity of this breach has been classified as highest, as it has resulted in the attacker gaining access to sensitive data and unauthorized funds transfer. The breach has allowed the attacker to access the company's database and read and decrypt API keys used to access funds in hot wallets and exchanges. The attacker has also been able to send funds from hot wallets and download user names, password hashes, and turn off 2FA.

Furthermore, the attacker had access to the terminal event logs and could scan for instances where customers scanned private keys at the ATM. The older versions of ATM software were logging this information, which increased the vulnerability of customer data.

General Bytes warns users not to continue operate their GB ATM server (CAS) unless provided solutions are implemented.

Any media, internet website or commercial organization shall not use the content published on this website for commercial reproduction of the original version, nor distort and tamper with the content published on this website. All the contents on the website cannot constitute any financial advice.
Follow Cointime To Get Fresh Web3 News

All Comments