Introduction
Do you use cryptocurrency? If you do, then how do you refill your wallet – have you ever visited a crypto ATM to purchase more Bitcoins, or Dogecoins, or Ethereum, or whatever virtual coin you like best?
You may be familiar with online thieves looking to steal your crypto, but now it’s not just your digital wallets that you need to worry about. Recently, threat actors have been going after cryptocurrency ATM makers to steal millions of virtual dollars right from the source.
The Attack on General Bytes
In late March 2023, a major Bitcoin ATM manufacturer announced a momentary shutdown of its cloud services. General Bytes operates over 9000 ATMs in 149 countries worldwide. Apparently, several machines were compromised in a security breach that led to the theft of $1.5M in BTC.
A blog post from the founder, Karel Kyovsky, explained that their investigation had uncovered a hacker who overrode the systems with Java code, which let them decrypt the API keys needed to view and manage funds. By exploiting this vulnerability, the hackers were able to transfer millions directly into their own wallets. The breach also allowed them to turn off users’ multi-factor authentication and then download their logins, passwords and other private information.
The company released the following statement on Twitter around the time of the incident:
Crypto Security
Threat actors have been going after crypto-wallets and NFTs for years; a notable example is the public theft of some Bored Ape NFTs owned by Seth Green in May 2022. Crypto exchange hacks have been recorded around the world. Crypto-jacking happens when attackers covertly use your devices’ processing power to mine digital currency for themselves.
Although the crypto market has fluctuated a bit in the past few years, there aren’t any signs that digital currency will evaporate anytime soon — nor will cyber-threats aimed at stealing and illegally generating virtual coins. Carefully monitor your digital wallets for suspicious activity so you can take immediate action if any of them are compromised. Equip your accounts with multi-factor authentication and change your passwords every couple of months to a new 12-character alphanumerical combo. These steps will best protect your digital wallets!
Conclusion
What should you do if this kind of thing happens to you? The first step is to listen to what the company has to say regarding next steps, as they are working with authorities who are better-versed in best practices for protecting your information moving forward. Then inform your IT provider of the incident so they can help monitor the Dark Web for your personally identifiable information (PII) in the coming months, and advise you on what to do next to protect your data and private accounts. Often, the affected organization will offer credit monitoring services for those who were potentially exposed in the breach.
Attacks against cryptocurrency aren’t anything new. Digitization always spurs new cyberattacks, and while their popularity as a weapon might rise and fall, the threats themselves are here to stay. Pay attention to any alerts indicating your data or digital currency might have been affected in a breach so that you can take immediate corrective action.