Bitcoin Hodlers Experience Profits on Majority of Trading Days

Bitcoin has been a popular investment asset since its inception in 2009, and data shows that hodlers have experienced profits on the majority of trading days. According to, Bitcoin hodlers enjoyed profitable days on 88.50% of the 4,593 days the cryptocurrency has been tradable. This challenges the historical narrative that crypto has depreciating volatility, proving that holding Bitcoin is provably profitable in the long run.

The profitability of Bitcoin can be attributed to its hard limit on total supply and seamless global usability. These factors have contributed to its status as a store of value, and the historical price performance of Bitcoin confirms its potential as a profitable investment. However, investors must understand Bitcoin’s market cycles to maximize their profits and avoid buying at the top and selling at the dip.

Out of the 4,593 trading days, only 531 or 11.56% were unprofitable for long-term hodlers. These unprofitable days occurred between December 28, 2022, and June 12, 2022, during which Bitcoin was priced above the range of $26,246.58 and $28,344.5. This emphasizes the importance of understanding market cycles, and investors should exercise caution to avoid significant losses.

While some investors prefer to hold Bitcoin long-term, others make daily trades on crypto exchanges for consistent profits. Regardless of the investment strategy, understanding the market cycles and trends is crucial for maximizing profits.

However, investing in Bitcoin is not without its risks, as demonstrated by the recent security vulnerability discovered by General Bytes. The manufacturer of Bitcoin ATMs had to shut down its cloud services after discovering a vulnerability that allowed attackers to access users’ hot wallets and gain sensitive information. Karel Kyovsky, the founder of General Bytes, stated that multiple security audits since 2021 did not identify the vulnerability.

In conclusion, Bitcoin’s profitability challenges the historical narrative of depreciating volatility in the crypto market. Hodlers have experienced profits on the majority of trading days, making Bitcoin a potentially lucrative investment asset. However, understanding market cycles and trends is essential for investors to maximize their profits and avoid significant losses. Additionally, investors should be aware of the potential risks associated with investing in Bitcoin, such as security vulnerabilities.


Tagged : / / / / /

Hackers Steal Cryptos from General Bytes Bitcoin ATM via Zero-day Bug

General Bytes, the world’s top three manufactuer of cryptocurrency ATMs, has confirmed that its ATMs have been hacked using a zero-day vulnerability in server ports to steal cryptocurrencies from customers.

General Bytes operates over 8,000 Bitcoin ATMs in more than 120 countries and regions to allow people to buy or sell over 40 different cryptocurrencies.

The company claimed that hackers captured a zero-day vulnerability in the company’s crypto application server (CAS), allowing remote operations to gain administrator privileges, thereby modifying the recipient wallet address and allowing customers to obtain stolen money when buying and selling cryptocurrencies.

A zero-day, also known as a “0-day”, is followed by various situations such as “vulnerability, exploit, or attack” alongside zero-day, which refers to a vulnerability exploited by hackers that has not yet been patched in the original code.

According to the version update notes released by General Bytes on the 18th, explained that:

“The attacker was able to create an admin user remotely via CAS administrative interface via a URL call on the page used for the default installation on the server and creating the first administration user.”

Hackers entered Digital Ocean’s cloud hosting server vulnerabilities by scanning TCP port 7777 or 433 on the network, creating a default administrator user named “gb” and adding it to the company’s own Crypto Applicate Server (CAS).

After that, the user can remotely tamper with the preset “buy”, “sell”, “invalid transaction address”, and other wallet positions on the ATM and wait for the trader to operate the ATM to transfer the cryptocurrency, which will then be transferred to the hacker wallet.

At present, the company has not disclosed the specific amount of stolen money and the number of stolen ATMs and patched server vulnerabilities promptly.

According to its security bulletin, the related vulnerability has been present in the CAS software since version 20201208.

Image source: Shutterstock


Tagged : / / / / / /

Vulnerable: Kraken reveals many US Bitcoin ATMs still use default admin QR codes

Kraken Security Labs has said that a “large number” of Bitcoin ATMs are vulnerable to hacking as the administrators never changed the default admin QR code.

In a Sept. 29 blog post, Kraken posted research from its Security Labs team which found that there are “multiple hardware and software vulnerabilities” in the General Bytes BATMTwo ATM range.

“Multiple attack vectors were found through the default administrative QR code, the Android operating software, the ATM management system and even the hardware case of the machine,” the post read.

Kraken’s security team stated that if a hacker gets their hands on the administrative code, they can essentially “walk up to an ATM and compromise it,” while also highlighting issues with the BATMtwo’s lack of secure boot mechanisms, as well as “critical vulnerabilities” in the ATM’s management system. However, General Bytes has reportedly already alerted ATM owners to the vulnerabilities:

“Kraken Security Labs reported the vulnerabilities to General Bytes on April 20, 2021, they released patches to their backend system (CAS) and alerted their customers, but full fixes for some of the issues may still require hardware revisions.”

The team also found that it was able to gain full access to the Android operating system behind the BATMTwo ATM by simply attaching a USB keyboard to the machine, and warned that “anyone” could “install applications, copy files or conduct other malicious activities.”

General Bytes is headquartered in the Czech Republic and, according to Coin ATM Radar, there are currently 6391 General Bytes ATMs installed worldwide, which represents 22.7% of the global market. However, those figures also account for BATMThree machines which weren’t reported on by Kraken.

The majority of the BATM ATMs are located in the U.S. and Canada, with a combined figure tallying in at around 5300, while Europe has around 824 ATMs installed.

Kraken is calling on BATMTwo owners and operators to change the default QR admin code, update the CAS server and place the ATMs in visible locations for security cameras.

Related: El Salvador ranks third in global Bitcoin ATM installations, data finds

Bitcoin ATM scams

While reports of hacked Bitcoin ATMs appear to be minimal, there is a history of crafty individuals building scams around crypto ATMs.

In March of 2019, the Toronto Police issued a public statement calling on the community to locate four men suspected of carrying out a series of “double-spending” transactions that fetched $150,000 worth of funds over a 10-day window. Double spending consists of canceling transactions before the ATM has had a chance to confirm but keeping the dispensed cash.

The Oakland Press reported on June. 22 of this year that two women from Berkley were scammed out of a combined $15,000 after fraudsters posed as public safety officers and federal employees. The scammers reportedly told the victims that they had outstanding warrants and tax violations, and ordered them to pay fines via local Bitcoin ATMs in the area.

And Malwarebytes posted research in August which uncovered a trend of gas station Bitcoin ATM scams in which threat actors would post fake jobs listings to dupe applicants into money laundering.