I hope you are well.
Bitcoin ATMs are not well-known to many people, but they do exist. These ATMs allow people to buy and sell Bitcoin and to withdraw fiat currency as cash. But like everything else, these machines are vulnerable to attack, as we saw last week.
Bitcoin ATM provider, General Bytes, experienced a security breach on March 18th, where hackers exploited a zero-day flaw in their ATM, stealing over $1.5 million in Bitcoin.
The attack allowed the hacker to do the following:
- Access the database.
- Read and decrypt API keys to access funds.
- Withdraw funds from the targeted hot wallets.
- Download usernames and password hashes.
- Disable two-factor authentication.
It took General Bytes 15 hours to release a patch for the vulnerability, but by then, the hackers had already escaped with their haul.
Based in the Czech Republic, General Bytes has sold over 15,000 Bitcoin ATMs in 149 countries. It is not the first time that they experienced a security incident. In August 2022, a vulnerability was exploited to steal funds.
This attack highlights the vulnerability of technologies to cybercrime. It’s essential to stay updated on software vulnerabilities and maintain up-to-date security protocols to minimize the potential damage of cyber attacks.
If you have questions about your privacy or security, don’t hesitate to contact our privacy team from within the Incognito app, which you can download from the Google Play Store.
All the very best, and talk to you soon.