Major Cryptocurrency ATM Manufacturer General Bytes Hacked, Over $1.5M in Bitcoin Stolen

General Bytes experienced a security incident on March 17 and 18 that enabled a hacker to remotely access the master service interface and send funds from hot wallets, according to the company and sources. The breach forced a majority of U.S.-based crypto automated teller machine (ATM) operators to temporarily shut down. The hacker was able to liquidate 56.28 bitcoins, worth approximately $1.5 million, from about 15 to 20 crypto ATM operators nationwide.

Crypto ATM Operators Briefly Shut Down After General Bytes Security Breach Allows Hacker to Liquidate $1.5M in Bitcoin and Other Cryptocurrencies

The largest cryptocurrency automated teller machine (ATM) manufacturer, General Bytes, has produced 9,505 such machines globally, with hundreds located in the United States. On Saturday, March 18, the company informed the public of a critical security incident that occurred on March 17 as well.

“We launched an announcement urging clients to take speedy motion to guard their private data,” the company explained at 4:42 p.m. (ET) on Saturday. “We urge all our clients to take speedy motion to guard their funds and private data and punctiliously learn the safety bulletin,” the firm added.

The number of General Bytes ATMs located around the world, according to Coin ATM Radar statistics.

General Bytes’ security bulletin said the attacker was able to remotely upload their own Java application using the master service interface, which is normally used by terminals to upload videos. The attacker had access to BATM user privileges and was also able to access the database and to read and decrypt API keys used to access funds in hot wallets and exchanges. In addition, the hacker could download usernames, access their password hashes, turn off 2FA, and send funds from hot wallets. Information spoke with a U.S.-based cryptocurrency automated teller machine (ATM) operator who confirmed that all U.S. operators using General Bytes machines were shut down nationwide for the evening. The operator also mentioned that servers must be rebuilt from the ground up, which can be a lengthy process.

Reportedly, General Bytes is transitioning crypto ATM operators to self-hosted servers. In the security bulletin, General Bytes stated that the company is discontinuing its cloud service. Additionally, the firm explained that it had conducted multiple security audits since 2021, and none of them had identified this vulnerability.

According to onchain statistics, the hacker siphoned 56.28 bitcoins worth approximately $1.5 million and also liquidated dozens of other cryptocurrencies such as ETH, USDT, BUSD, ADA, DAI, DOGE, SHIB, and TRX. The bitcoin (BTC) address holding the 56.28 BTC has not moved the funds since its last transaction at 3:20 a.m. on March 18. Some digital currencies were transferred to different locations, and a fraction was sent to the decentralized exchange (DEX) platform Uniswap.

General Bytes has experienced issues before, recording a security flaw on August 18, 2022. The attacker at the time leveraged a zero-day attack to “create an admin person remotely through CAS administrative interface through a URL name on the web page that’s used for the default set up on the server and creating the primary administration person.”

As for the March 17 and 18, 2023 hack, General Bytes disclosed not only the addresses used in the attack but also three IP addresses used by the attacker. The source who spoke with Information on Saturday evening further noted that while their firm’s system was hacked, the company runs a full node that’s “locked down sufficient” to prevent the attacker from accessing funds.


Jamie Redman

Jamie Redman is the Information Lead at Information and a financial tech journalist living in Florida. Redman has been an active member of the cryptocurrency community since 2011. He has a passion for Bitcoin, open-source code, and decentralized applications. Since September 2015, Redman has written more than 6,000 articles for Information about the disruptive protocols emerging today.
