Robert Steinadler, 3 months ago

Bitcoin ATMs hacked – How did GeneralBytes products get compromised? 

GeneralBytes is one of the world’s biggest producers of Bitcoin ATMs and their products are present in over 143 countries. Last weekend there was a security breach that was used to bring ATMs under the attacker’s control. It is yet unclear how much damage was done due to the attack but GeneralBytes confirmed the incident which is quite a shock.

What happened to those Bitcoin ATMs, how did this security breach got fixed and what should you keep in mind using an ATM?

Attackers took over

Each ATM is connected to a crypto application server (CAS) which is making the transactions happen. No matter if a customer is trying to buy crypto for cash or if he is selling his precious digital gold, the CAS is controlling the transaction. That being said, whoever controls the CAS can manipulate the ATM and change conditions as he sees fit.

An unknown hacker managed to gain access to the CAS by reaching out to a specific URL and opening up a new user account called “gb”. After having installed a new user with admin rights the attacker was able to steal funds by redirecting crypto transactions.

It is not known how many people have fallen victim to the attack. Some of the biggest ATM providers in Europe have already issued statements and it seems that not all providers have suffered from the vulnerability. Those who have were advised to turn down the machines and install a patch fixing the bug that led to the hack in the first place.

Are Bitcoin ATMs a scam?

Bitcoin ATMs cover an important niche. They offer to swap cash for crypto at a fixed rate. However, the recent incident shows again that they are less secure and aside from security concerns there are other points that make them less attractive than trading on a crypto broker or exchange.

Many ATM providers chose fees between 5 % and 10 % per transaction which is way above the average of any broker or exchange. One could argue that this is simply a fair price for the service. The ATM providers have to pay rent to place the machine in a mall or another public place. They also have to maintain the hardware and software as well as move money in and out of the machines. This is also very cost-intensive since they are required to hire security guards to keep funds protected.

But there is an additional cost that customers have to pay. Most ATM providers deviate from the current spot price by a large margin. Providers pay up to 15 % less when customers sell crypto and ask for up to 15 % more when customers are buying. Make no mistake, even if the deviation is not that drastic in all cases it’s still a nice chunk of money that they are making by manipulating the spread between “ask” and “bid”.

Of course, this is in no way the fault of producers like GeneralBytes but it sheds a bad light on this part of the industry.

Featured articles
Four trading strategies for crypto
Bitcoin and Ethereum: what are the differences?
What determines the Bitcoin price?
Related articles
New Bitcoin mining report: 52% zero-emission

Dec 02, 2022

A researcher and former climate activist has established a new methodology to determine the percentage of the Bitcoin mining energy that comes from renewable sources. By including so-called off-grid mining, he estimates Bitcoin's total energy generation at 52% from zero-emission sources.

Trade anytime, anywhere

Boost your trading impact and reaction time in over 80+ cryptocurrencies via instant access to your portfolio with the LiteBit app.

  • 2525 Ventures B.V.
  • 3014 DA Rotterdam
  • The Netherlands
More info
  • About LiteBit
  • Careers
  • Business account
  • Support
  • Sell
  • News
  • Education
Subscribe for updates

Sign up to stay informed via our email updates

Subscribe
Explore popular coins
© 2022 LiteBit - All rights reserved