800+ IT
News
als RSS Feed abonnieren📚 General Bytes Bitcoin ATMs Hacked via Zero-Day Attack
💡 Newskategorie: Hacking
🔗 Quelle: blackhatethicalhacking.com
General Bytes Bitcoin ATMs Hacked via Zero-Day Attack
Hackers Used Zero-Day Vulnerability to Steal Cryptocurrency
Bitcoin ATM manufacturer General Bytes recently disclosed that its management platform was exploited by hackers, resulting in the theft of cryptocurrency from the company and its customers. The attackers used a zero-day vulnerability in the BATM management platform to steal funds from Bitcoin ATMs that allow users to buy or sell over 40 different cryptocurrencies.
According to General Bytes, the attackers remotely uploaded a Java application via the ATM’s master service interface and ran it with “batm” user privileges. This enabled them to perform several actions, including accessing the database, reading and decrypting API keys, sending funds from hot wallets, downloading user names and password hashes, and turning off 2FA.
On March 17-18th, 2023, GENERAL BYTES experienced a security incident.
We released a statement urging customers to take immediate action to protect their personal information.
We urge all our customers to take immediate action to protect their funds and https://t.co/fajc61lcwR… https://t.co/g5FGqvqZQ7
— GENERAL BYTES (@generalbytes) March 18, 2023
The company has urged its customers to take immediate action and install the latest updates to protect their servers and funds from attackers. General Bytes also provided a list of cryptocurrency addresses used by the hacker during the attack, which shows that the attacker began stealing cryptocurrency from Bitcoin ATM servers on March 17th, with the attacker’s Bitcoin address receiving 56.28570959 BTC, worth approximately $1,589,000, and 21.79436191 Ethereum, worth roughly $39,000.
See Also: So you want to be a hacker?
Offensive Security, Bug Bounty Courses
General Bytes to Shutter Cloud Service Due to Security Concerns
General Bytes has announced that it will shutter its cloud service, stating that it is “theoretically (and practically) impossible” to secure it from bad actors when it must simultaneously provide access to multiple operators. The company will provide support with data migration to those who would like to install their own standalone Crypto Application Server (CAS), which should now be placed behind a firewall and VPN.
To address the exploited vulnerability, General Byte has released a CAS security fix provided in two patches, 20221118.48 and 20230120.44. The company plans to conduct numerous security audits of its products by multiple companies in a short period to discover and fix other potential flaws before bad actors find them.
However, this is not the first time that General Bytes has faced security incidents. In August 2022, the company experienced a security breach where hackers exploited a zero-day vulnerability in its ATM servers to steal cryptocurrency from its customers. Additionally, researchers from the Kraken cryptocurrency exchange found multiple vulnerabilities in General Bytes’ ATMs in 2021, which the company quickly fixed.
Trending: A primer on OS Command Injection Attacks
Multiple security audits, but none of them found the exploited vulnerability
Despite undergoing multiple security audits since 2021, none identified the exploited vulnerability that led to this recent attack. General Bytes’ experience highlights the importance of regularly testing and auditing the security of any software or hardware used in financial transactions. This also underscores the importance of swift action and updates in the face of known or potential security threats.
To protect against such attacks, users of Bitcoin ATMs and other crypto services should remain vigilant, maintain strong passwords and use two-factor authentication whenever possible. They should also regularly update their software and hardware, implement firewalls and VPNs, and monitor their accounts for unusual activity.
Are u a security researcher? Or a company that writes articles or write ups about Cyber Security, Offensive Security (related to information security in general) that match with our specific audience and is worth sharing?
If you want to express your idea in an article contact us here for a quote: info@blackhatethicalhacking.com
Source: bleepingcomputer.com
Recent News
Offensive Security & Ethical Hacking Course
Begin the learning curve of hacking now!
Information Security Solutions
Find out how Pentesting Services can help you.