Ongoing BTC ATM Hack, How They Work

There is an ongoing Bitcoin ATM hack that is redirecting the BTC people are buying to the hackers' wallet.


You know those Bitcoin ATMs that have shown up in every gas station over the last few years? The ones that you’ve never seen someone use? Apparently they just got hacked.

How Bitcoin ATMs Work

The affected models are made by a company called General Bytes, and they’re primarily located in Canada. Generally, the way it works is you sign up with your wallet, and then you go to the location and buy BTC with cash (they only accept cash). Some of the ATMs require you to KYC your account, which will likely be required for all of them at some point.

Your price is locked in when you make the purchase, and you get a receipt just like you made a standard ATM transaction.

Why Use a Bitcoin ATM?

Really the only reason I could think of for using a BTC ATM was to avoid KYC. The requirements are regional, so some countries may outright require this while others will not. I say this is the only reason to use one because fees can get as high as a staggering 20%, though that is the most extreme case. They’re largely between 4% and 12%.

Compared to large centralized exchanges like Coinbase or FTX, where fees are less than 1%, this is horrifically expensive. And profitable for the operators.

An operator’s expense breakdown consists of the initial purchase price and installation of the machine, power and internet, and space for the machine in a place that is presumably high traffic. And these machines aren’t cheap; some of them are north of $7k.

The Hack

It appears that the hackers got access to General Bytes' servers, created an admin account, and redirected all payments to their own accounts. The company hasn't determined how much cryptocurrency was stolen, and there hasn’t been a clear announcement of what actions will be taken. General Bytes advises users not to use the ATMs for the time being.

We advise users not to use the ATMs.