Robert Steinadler, 9 months ago
GeneralBytes is one of the world’s biggest producers of Bitcoin ATMs and their products are present in over 143 countries. Last weekend there was a security breach that was used to bring ATMs under the attacker’s control. It is yet unclear how much damage was done due to the attack but GeneralBytes confirmed the incident which is quite a shock.
What happened to those Bitcoin ATMs, how did this security breach got fixed and what should you keep in mind using an ATM?
Each ATM is connected to a crypto application server (CAS) which is making the transactions happen. No matter if a customer is trying to buy crypto for cash or if he is selling his precious digital gold, the CAS is controlling the transaction. That being said, whoever controls the CAS can manipulate the ATM and change conditions as he sees fit.
An unknown hacker managed to gain access to the CAS by reaching out to a specific URL and opening up a new user account called “gb”. After having installed a new user with admin rights the attacker was able to steal funds by redirecting crypto transactions.
It is not known how many people have fallen victim to the attack. Some of the biggest ATM providers in Europe have already issued statements and it seems that not all providers have suffered from the vulnerability. Those who have were advised to turn down the machines and install a patch fixing the bug that led to the hack in the first place.
Bitcoin ATMs cover an important niche. They offer to swap cash for crypto at a fixed rate. However, the recent incident shows again that they are less secure and aside from security concerns there are other points that make them less attractive than trading on a crypto broker or exchange.
Many ATM providers chose fees between 5 % and 10 % per transaction which is way above the average of any broker or exchange. One could argue that this is simply a fair price for the service. The ATM providers have to pay rent to place the machine in a mall or another public place. They also have to maintain the hardware and software as well as move money in and out of the machines. This is also very cost-intensive since they are required to hire security guards to keep funds protected.
But there is an additional cost that customers have to pay. Most ATM providers deviate from the current spot price by a large margin. Providers pay up to 15 % less when customers sell crypto and ask for up to 15 % more when customers are buying. Make no mistake, even if the deviation is not that drastic in all cases it’s still a nice chunk of money that they are making by manipulating the spread between “ask” and “bid”.
Of course, this is in no way the fault of producers like GeneralBytes but it sheds a bad light on this part of the industry.
May 22, 2023
Every year the Bitcoin community is celebrating the fact that somebody bought two pizzas online. This looks a little bit strange at first glance but it is one of the most important moments in Bitcoin’s history. What is Bitcoin Pizza Day all about and why is everybody celebrating it?
May 22, 2023
The guys who self-identify as the Taproot Wizards - Eric Wall and Udi Wertheimer - entered the main stage of Bitcoin Miami to loud cheers. After their short and silly wizard dance, the panel discussion started in earnest. But not everyone in the Bitcoin community is a fan of their quirky attitude and projects.
May 19, 2023
We wrote about it earlier: Jason Lowery believes Bitcoin could become the world's reserve currency and that countries should engage in a peaceful "arms race" to mine Bitcoin. He believes Bitcoin is a form of digital property that will be defended similar to how navies secure maritime thoroughfare. Not everyone is sold on this concept. Let's discuss a contrarian view.
May 18, 2023
Stablecoin issuer Tether (USDT) in its recent reserves report reveals that the company holds approximately 52 thousand BTC, worth a respectable $1.5 billion. This is only a fraction of its total assets but signals an interesting potential trend of institutions allocating a piece of their capital to Bitcoin.
Sign up to stay informed via our email updates