Security News > 2023 > March > Attackers hit Bitcoin ATMs to steal $1.5 million in crypto cash
According to General Bytes, the outfit that sold the ATMs and had managed some of them with a cloud service, the attackers used an interface designed to upload videos to instead inject a malicious Java application, and then subverted ATM user privileges.
"The entire team has been working around the clock to collect all data regarding the security breach and is continuously working to resolve all cases to help clients back online and continue to operate their ATMs as soon as possible," General Bytes explained in a statement.
General Bytes notified companies that bought its ATMs to shut down their systems.
Businesses buying the ATMs connect them to a crypto application server managed by the customer themselves or - until now - General Bytes through cloud service provider DigitalOcean.
The baddies scanned DigitalOcean's IP address space and found Crypto Application Server services on port 7741 - including General Bytes' cloud service and other customers running their ATMs on DigitalOcean.
The Register has asked General Bytes for further comment and will update if more information comes in.
News URL
https://go.theregister.com/feed/www.theregister.com/2023/03/23/general_bytes_crypto_atm/