Users of General Bytes crypto ATMs lost over $1.5 million during a hacker attack

Article reading time:
1 min.

Crypto ATM manufacturer General Bytes announced a hack in its cloud platform. The hackers installed malware on devices and gained access to users' assets, stealing over $1.5 million.

In a bulletin published by General Bytes,it is said that thanks to the vulnerability, attackers can remotely upload Java applications to the company's cryptomats. With their help, hackers can access user information and input data, as well as steal cryptocurrencies from hot wallets. The company has suspended its cloud service, but ATMs connected to third-party servers also remain vulnerable.

“Hackers can access the database.They can read and decrypt API keys used to access funds on hot wallets and exchanges, withdraw assets from them. They also have access to usernames, can download their password hashes and disable two-factor authentication,” said General Bytes founder Karel Kyovsky.

The company published a list of 41 addresseswallets to which hackers transferred funds. Most of all, they withdrew bitcoins - 56 BTC are stored on the wallet, which is over $1.54 million. In addition, the attackers were able to steal almost 22 ETH.

This is not the first case of hacking cryptomatsGeneral Bytes. Last August, the company reported that its crypto application server had been hacked. At the same time, as stated on the company's website, it has released more than 15,000 cryptomats, which are used by companies from 149 countries.