BTC Theft: Here’s How Hackers Stole Millions From A Bitcoin ATM In An Ingenious Move

BTC Theft: Here’s How Hackers Stole Millions From A Bitcoin ATM In An Ingenious Move
  • A group of hackers pilfered bitcoin from an ATM operated by General Bytes.
  • The hackers broke into the servers through a bug that gave them administrator status over the systems.
  • Although crypto scams are declining, hackers are still having a field day in the industry.

General Bytes Bitcoin ATMs were the victim of a large-scale security breach that led to the loss of Bitcoins and left operators scratching their heads.

At the tail end of last week, the servers of General Bytes were the target of an unknown group of cybercriminals. The bad actors managed to implement a zero-day attack on the Bitcoin ATM operator that made them the default operators of the systems.

The exact amount stolen by the hackers was yet to be made public, but some analysts believe the figure is north of $1 million. After officially confirming the hack, General Bytes warned that customers should refrain from using the ATM while the firm updates its server with new patch releases.

Furthermore, customers were advised to confirm their SELL Crypto Setting to ensure that the hackers did not tamper with settings to automatically transfer any received funds to the wallets of the attackers.

The method of attack

General Bytes’ post-mortem confirms that the hackers used a zero-day vulnerability to access the firm’s CAS to tamper with the funds. The centralized CAS controls the execution of buying and selling digital assets on the platform, making it easy for hackers to move the funds.


The hackers completed the puzzle by making themselves default administrators on the CAS with the username “GB”. To automate the process, they tweaked the buy and sell options to transfer all received Bitcoins to the hacker’s address.

“The attacker was able to create an admin user remotely via CAS administrative interface via a URL call on the page that is used for the default installation on the server and creating the first administration user.”

General Bytes operates in 120 countries and runs well over 8,500 Bitcoin ATMs, which is illustrative of the potential severity of the breach.

Hackers running the show

Data from the cryptoverse pointed out that there has been a dip in the number of crypto scams due to the decline in asset prices. However, hackers are bucking the trend to score large wins in heists that have sent shivers down the spines of industry players.

Nomad, a crypto startup lost $190 million in a jarring security breach. An inquest into the nature of the bug revealed that the hackers did not need to have programming skills to pull off the heist.

Solana-based Slope was the latest to suffer a cruel fate at the hands of hackers, as thousands of users lost their SOL to the bad actors.