Hackers exploit zero-day bug to steal General Bytes Bitcoin ATMs

The hack meant that all crypto entering the Bitcoin ATM would instead be diverted by the hackers.

Bitcoin ATM maker General Bytes had its servers compromised in a zero-day attack on August 18, which allowed hackers to make themselves the default administrators and change settings so that all funds are transferred to their wallet address.

The amount of stolen funds and the number of compromised ATMs were not disclosed, but the company urged ATM operators to update their software.

General Bytes, which owns and operates 8,827 Bitcoin ATMs accessible in over 120 countries, confirmed the hack on August 18. The company is headquartered in Prague, Czech Republic, where the ATMs are also manufactured. ATM customers can buy or sell more than 40 coins.

The vulnerability has been present since the hackers' modifications updated the CAS software to version 20201208 on August 18.

General Bytes has urged customers to refrain from using their General Bytes ATM servers until they update their servers with patch version 20220725.22, and 20220531.38 for customers running on 20220531.

Customers have also been advised to modify their server's firewall settings so that the CAS administration interface can only be accessed from authorized IP addresses, among others.

Before reactivating the terminals, General Bytes also reminded customers to review their "SELL Crypto Setting" to ensure that the hackers had not changed the settings so that any funds received would instead be transferred to them (and not to customers).

General Bytes said that several security audits have been conducted since its inception in 2020, none of which identified this vulnerability.

How did the attack happen

The General Bytes security consulting team said in the blog that the hackers carried out a zero-day vulnerability attack to gain access to the company's Crypto Application Server (CAS) and extract the funds.

The CAS server handles all ATM operations, which includes executing the buying and selling of crypto on supported exchanges and coins.
