![\"\"](\"https:\/\/www.cryptocabaret.com\/wp-content\/uploads\/2023\/03\/bytes-768x432.jpg\")
<\/p>\n<\/p>\n
General Bytes experienced a security incident on March 17 and 18 that enabled a hacker to remotely access the master service interface and send funds from hot wallets, according to the company and sources. The breach forced a majority of U.S.-based crypto automated teller machine (ATM) operators to temporarily shut down. The hacker was able to liquidate 56.28 bitcoins, worth approximately $1.5 million, from about 15 to 20 crypto ATM operators nationwide.<\/strong><\/p>\n The largest cryptocurrency automated teller machine (ATM) manufacturer, General Bytes<\/a>, has produced 9,505<\/a> such machines globally, with thousands located in the United States. On Saturday, March 18, the company informed the public<\/a> of a serious security incident that occurred on March 17 as well.<\/p>\n \u201cWe released a statement urging customers to take immediate action to protect their personal information,\u201d the company explained at 4:42 p.m. (ET) on Saturday. \u201cWe urge all our customers to take immediate action to protect their funds and personal information and carefully read the security bulletin,\u201d the firm added.<\/p>\n General Bytes\u2019 security bulletin<\/a> said the attacker was able to remotely upload their own Java application using the master service interface, which is typically used by terminals to upload videos. The attacker had access to BATM user privileges and was also able to access the database, read and decrypt API keys used to access funds in hot wallets and exchanges. In addition, the hacker could download usernames, access their password hashes, turn off 2FA, and send funds from hot wallets.<\/p>\n Bitcoin.com News spoke with a U.S.-based cryptocurrency automated teller machine (ATM) operator who confirmed that all U.S. operators using General Bytes machines were shut down nationwide for the evening. The operator also mentioned that servers would have to be rebuilt from the ground up, which can be a lengthy process.<\/p>\n Reportedly, General Bytes is transitioning crypto ATM operators to self-hosted servers. In the security bulletin, General Bytes stated that the company is discontinuing its cloud service. Furthermore, the firm explained that it had conducted multiple security audits since 2021, and none of them had identified this vulnerability.<\/p>\n According to onchain statistics, the hacker siphoned 56.28 bitcoins worth approximately $1.5 million and also liquidated dozens of other cryptocurrencies such as ETH<\/a>, USDT<\/a>, BUSD, ADA<\/a>, DAI, DOGE, SHIB, and TRX<\/a>. The bitcoin (BTC) address<\/a> holding the 56.28 BTC<\/a> has not moved the funds since its last transaction at 3:20 a.m. on March 18. Some digital currencies were transferred to different locations, and a fraction was sent<\/a> to the decentralized exchange (DEX) platform Uniswap.<\/p>\nCrypto ATM Operators Temporarily Shut Down After General Bytes Security Breach Enables Hacker to Liquidate $1.5M in Bitcoin and Other Cryptocurrencies<\/h2>\n