Hacker stole from clients making deposits on Bitcoin ATMs

Quick Take

  • A hacker stole funds from clients making deposits at General Bytes Bitcoin ATM machines.
  • The attacker was able to modify the crypto settings of two-way machines, the company said.

A hacker stole crypto funds from customers making deposits at General Bytes Bitcoin ATM machines, according to an advisory published this week.

The hacker modified the crypto settings of two-way machines with his wallet settings and the invalid payment address setting, the company said in an advisory published Thursday. Bleeping Computer first covered the news.

"The attacker was able to create an admin user remotely via CAS administrative interface via a URL call on the page that is used for the default installation on the server and creating the first administration user," the statement said.

The company published steps to take to implement a security fix published on its website. It said that in the multiple audits it has completed since 2020, it had not identified this vulnerability.

THE SCOOP

Keep up with the latest news, trends, charts and views on crypto and DeFi with a new biweekly newsletter from The Block's Frank Chaparro

By signing-up you agree to our Terms of Service and Privacy Policy