General Bytes Deny Malware Vulnerabilities in Bitcoin ATMs

Bitcoin ATM producer General Bytes respond to report on malware that exploits vulnerabilities in their products.

General Bytes, the company behind many of the Bitcoin ATMs around the world, has responded to research on malware targeting their ATM devices. The company denied claims of the existence of such malware, and asserted that the product being sold by hackers is a scam.

According to the research published by Trend Micro, malicious software that allows hackers to steal up to $6,750 worth of BTC is being freely sold on underground forums for a price tag of $25,000.

“We researched the malware claim and found the offering to be a scam but because none of the blogs bothered to contact us they are effectively helping the scammer with free advertising, luring would-be thieves into purchasing a non-existent hack,” said General Bytes owner and CEO Karel Kyovsky in a statement.

Kyovsky attacked TrendMicro and “otherwise reputable blogs”, claiming the report served as a free advertisement for the scammers. According to him, people who fall victim to the swindle would never report it to the police due to ‘the nature of the product sold.’

In their rebuttal, General Bytes identified several ‘red flags’ that the malware being sold would actually target its buyers – including the fact that the vendor selling the product has previously only sold leaked customer bank data.

Kyovsky also outlined several technical inconsistencies that make the existence of such a product impossible. According to the General Bytes owner, Bitcoin ATMs do not possess functionalities that would allow dispensing cash or sending cryptocurrencies without receiving funds first. Kyovsky also questioned claims that the software comes with an EMV-compatible card.

“Anyone who has ever used a Bitcoin ATM knows that EMV cards have absolutely nothing to do with Bitcoin ATMs and the NFC functionality is only used to read the destination cryptocurrency address,” said the CEO. “The mentioned engineering menu known from regular ATMs doesn't exist on GENERAL BYTES Bitcoin ATMs and any factory test software doesn't contain any functionality which would enable the ATMs to send coins, accept cash or dispense cash. (For obvious security reasons.)”

Kyovsky ensured General Bytes’ clients their hardware’s security is ‘lightyears ahead’ when compared to regular ATMs, and stressed they maintain close ties with crypto ATM operators and update the software multiple times per month.

Earlier this month, Cryptovest covered the report, quoting a statement from Trend Micro’s Senior Threat Researcher Fernando Merces. In doing so Cryptovest had no intention of spreading potentially erroneous information, and wishes to apologize to any parties involved in the story.