cyber daily logo

Breaking news and updates daily. Subscribe to our Newsletter

Breaking news and updates daily. Subscribe to our Newsletter X facebook linkedin Instagram Instagram

Crypto ATM company General Bytes hacked, US$1.5m stolen

Global leader in crypto ATM development General Bytes has announced that it has suffered a security breach, resulting in the theft of over $2 million in cryptocurrency.

user icon Daniel Croft
Tue, 21 Mar 2023
Crypto ATM company General Bytes hacked, US$1.5m stolen
expand image

The incident occurred between 17 and 18 March and saw a hacker gain remote access to the master service interface and steal the equivalent of 56.28 bitcoin (BTC) from hot wallets, equating to approximately US$1.5 million (roughly $2.24 million).

A handful of other cryptocurrencies, including Ethereum (ETH), Tether (USDT), and Cardano (ADA), were also liquidated.

As a result of the breach, General Bytes were forced to shut down majority of its crypto ATM operators in the US. The company also released a patch for the vulnerability 15 hours after the attack occurred.


According to a release on the General Bytes website, the hacker uploaded their malicious Java program directly to the application server used by the admin interface after they identified a vulnerability in the master service interface used by bitcoin ATMs to upload videos to the server.

This gave the hacker access to the database, terminal event logs and hot wallets, as well as the ability to download usernames and passwords and disable two-factor authentication.

On top of being transparent about how much was stolen, the exact vulnerability, and the method the threat actor used, General Bytes has listed both the IP addresses and crypto addresses used in the attack.

General Bytes said that despite several security audits since 2021, this vulnerability had not been detected.

Following the attack, it wishes to run “multiple independent security audits of our product as we see now the importance of having various audits by several companies”.

In response to the breach, General Bytes shut down its cloud service, meaning customers will manage ATMs on individual servers, which will prevent a breach of this scale in the future.

It is also reaching out to clients to validate the reported losses, while working with authorities and running an internal investigation.

General Bytes has urged customers to “take immediate action to protect their personal information”, in a post on Twitter.

Daniel Croft

Daniel Croft

Born in the heart of Western Sydney, Daniel Croft is a passionate journalist with an understanding for and experience writing in the technology space. Having studied at Macquarie University, he joined Momentum Media in 2022, writing across a number of publications including Australian Aviation, Cyber Security Connect and Defence Connect. Outside of writing, Daniel has a keen interest in music, and spends his time playing in bands around Sydney.

cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.