• A group of crypto hackers have stolen $1.5 million in BTC from several bitcoin ATMs hosted by General Bytes.
• The hackers took advantage of a zero-day vulnerability to prevent all transaction losses from being reversed.
• General Bytes has told customers that it will no longer be managing CASes on behalf of its users and is cooperating with federal officials on the matter and performing an internal investigation.
General Bytes ATMs Attacked by Cyberthief
A group of cyberthieves have taken advantage of a zero-day vulnerability to steal over $1.5 million worth of Bitcoin from several Bitcoin ATMs hosted by General Bytes, a company that provides automated teller machine (ATM) services worldwide.
Security Breach Causes Significant Losses
The incident occurred during the night of March 17th to 18th and resulted in significant losses for many customers. General Bytes released a statement explaining how the attackers were able to take control of their machines and flee with so much money: they identified a security vulnerability in the master service interface used by BATMs to upload videos to the CAS, scanned IP address space managed by Digital Ocean, exploited the found vulnerability and uploaded Java applications directly to an application server used by an admin interface configured to start applications in its deployment folder automatically.
Company Apologizes & Takes Action
General Bytes have apologized for what happened and are currently doing everything they can in order to help affected customers get back online and continue operating their ATMs as soon as possible. They are also conducting an internal investigation into this incident in order to better understand what happened and review their security procedures accordingly.
Customers Must Now Manage Servers On Their Own
In order for customers to avoid similar incidents in the future, General bytes has informed them that it will no longer be managing CASes on behalf of its users, meaning terminal holders will now be required to manage all future servers themselves.
Cooperation With Federal Officials & Internal Investigation Ongoing
The firm is also working closely with federal officials on this matter while performing an internal investigation in order collect data from customers regarding their individual losses