好的,我现在需要帮用户总结这篇文章的内容,控制在100个字以内。首先,我得通读整篇文章,抓住关键信息。 文章主要讲的是Bitcoin Depot被黑客入侵,导致价值360万美元的比特币被盗。入侵发生在3月23日,黑客窃取了登录凭证,从公司钱包中转走了大约50.9 BTC。公司已经通知了SEC,并且正在与外部网络安全专家合作调查此事。目前还没有发现客户数据被盗的证据,但调查仍在进行中。这次事件对公司来说是重大的,可能涉及法律、声誉和响应成本。公司估计损失了约366.5万美元,但最终影响可能还会变化。此外,他们有保险可能覆盖部分损失,但无法保证完全恢复。 接下来,我需要将这些信息浓缩到100字以内。重点包括:入侵时间、被盗金额、影响范围、公司的应对措施以及潜在的后果。 可能的结构是:日期+事件+结果+公司行动+潜在影响。 所以总结应该是:黑客于3月23日入侵Bitcoin Depot,窃取凭证并转移约50.9 BTC(价值366.5万美元)。公司已启动调查,并与专家合作加强系统。目前未发现客户数据泄露,但事件对公司构成重大影响。 </think> 黑客于2026年3月23日入侵美国最大比特币ATM运营商Bitcoin Depot,窃取登录凭证并转移约50.9 BTC(价值366.5万美元)。公司已启动调查并加强系统安全。目前未发现客户数据泄露,但事件对公司构成重大影响。 2026-4-10 07:14:24 Author: securityaffairs.com(查看原文) 阅读量:14 收藏
Bitcoin Depot hack leads to $3.6M Bitcoin theft via stolen credentials
Hackers breached Bitcoin Depot, stole credentials, and took about 50 BTC worth $3.6M from its wallets after a March 23 intrusion.
Hackers breached the largest US Bitcoin ATM operator, Bitcoin Depot, on March 23, stole login credentials, and drained about 50.9 BTC worth $3.6M from company wallets.
Bitcoin Depot told the SEC that a hacker accessed its systems and stole credentials linked to its digital asset settlement accounts, gaining control and enabling unauthorized activity.
“On March 23, 2026, Bitcoin Depot Inc. (the “Company”) discovered that an unauthorized party gained access to certain of its information technology systems. Upon detection, the Company promptly activated its incident response protocols, engaged external cybersecurity experts, and notified law enforcement. Based on the Company’s investigation to date, the unauthorized actor gained access to certain systems and obtained control of credentials associated with the Company’s digital asset settlement accounts.” reads the FORM 8-K filed with the SEC. “As a result, the unauthorized actor transferred approximately 50.903 Bitcoin from Company-controlled wallets, valued at approximately $3.665 million as of the date of this report, without authorization. The Company further believes that the incident was contained to the Company’s corporate environment and did not affect the Company’s customer platforms, divisions, systems, data or environments.”
The company continues to investigate the security breach with the help of external cybersecurity experts and works to strengthen its systems to prevent future attacks. It has not found evidence of stolen customer personal data, but the investigation is still ongoing.
The incident has not disrupted operations, but the company now considers it material due to possible legal, reputational, and response costs. It estimates a $3.665 million loss from unauthorized Bitcoin transfers, though the final impact may change. Insurance may cover part of the damage, but recovery is not guaranteed.
“The Company has recorded a preliminary estimate of loss of approximately $3.665 million, representing the fair value of the Bitcoin transferred without authorization as of the date of the incident. The ultimate impact may differ from this estimate as the investigation continues.” continues the FORM 8-K. “The Company maintains insurance coverage that may cover certain losses associated with cybersecurity incidents, but there can be no assurance that such coverage will be sufficient to recover any or all losses incurred as a result of this incident.”
This isn’t the first incident suffered by the company. In July 2025, Bitcoin Depot notified over 26,000 people about a data breach that happened in 2024. Attackers accessed company systems and stole files containing personal data.
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, Bitcoin Depot)
如有侵权请联系:admin#unsafe.sh