Last Updated: 22 August 2022
A hacker has stolen money from people sending crypto currency to ATMs. This reportedly involved deposits to General Bytes ATMs.
Cointelegraph: Hackers successfully manipulated the Bitcoin ATM servers of General Bytes — which operates 8827 ATMs globally — to make themselves the beneficiary of all incoming crypto. https://t.co/uNUGx8cNll
— Revoluzion Token (@RevoluzionToken) August 22, 2022
The hacker managed to modify the settings of devices with the settings of his own wallet. This allowed him to display an invalid payment address on the screen. This address did not belong to the ATM operator, so the money ended up in the hacker’s hands. A statement reads as follows:
“The attacker was able to remotely create an admin user through the CAS management interface. He reached the page used for the default installation on the server via a URL call. This is also where the first admin user is created.”
Bleeping Computer brought the news the day before yesterday, and the company has also provided clarity.
Here, you can read the Patch release with a bit more background information.
Of course, General Bytes has started working on a solution. They say they have done several audits since 2020, but this problem had not come to light.
The attack took place three days after a new feature was placed in the ATM. The ATM had added a “Help Ukraine” function to the device.
It is not known, how many customers were victims of the problem and how much bitcoin was captured.
Perhaps most importantly, the hacker did not gain access to the private keys of depositors. The rest of everyone’s bitcoin holdings are safe. Passwords and other data are also secure.
Currently, there are (reportedly) a total of 21 bitcoin ATMs in the Netherlands. The United States is the leader with over 34,000 ATMs, followed by Canada with 2550 ATMs and Spain with 255 ATMs.