SniperFx


Hackers exploit zero day bug to steal from General Bytes Bitcoin ATMs

  • admin
  • August 22, 2022
  • 2 minute read

The hack meant that all crypto going into the Bitcoin ATM would instead be siphoned off by the hackers.

Bitcoin ATM manufacturer General Bytes had its servers compromised via a zero-day attack on Thursday, which enabled the hackers to make themselves the default admins and modify settings so that all funds would be transferred to their wallet address.

The amount of funds stolen and the number of ATMs compromised have not been disclosed, but the company has urgently advised ATM operators to update their software.

General Bytes, which owns and operates 8827 Bitcoin ATMs that are accessible in over 120 countries, confirmed the hack on Thursday. The company is headquartered in Prague, Czech Republic, which is also where the ATMs are manufactured. ATM customers can buy or sell over 40 coins.

The vulnerability has been present since the hacker’s modifications updated the CAS software to version 20201208 on Thursday.

General Bytes has urged customers to refrain from using their General Bytes ATM servers until they update them to patch release 20220725.22, or to 20220531.38 for customers running on 20220531.

Customers have also been advised to modify their server firewall settings so that the CAS admin interface can only be accessed from authorized IP addresses, among other things.

Before reactivating the terminals, General Bytes also reminded customers to review their “SELL Crypto Setting” to ensure that the hackers didn’t modify the settings such that any received funds would instead be transferred to them (and not the customers).

General Bytes stated that several security audits had been conducted since its inception in 2020, none of which identified this vulnerability.

How the attack happened

General Bytes’ security advisory team stated in the blog that the hackers exploited a zero-day vulnerability to gain access to the company’s Crypto Application Server (CAS) and extract the funds.

The CAS manages the ATM’s entire operation, including executing crypto purchases and sales on exchanges and determining which coins are supported.


The company believes the hackers “scanned for exposed servers running on TCP ports 7777 or 443, including servers hosted on General Bytes’ own cloud service.”

From there, the hackers added themselves as a default admin on the CAS, named gb, and then proceeded to modify the “buy” and “sell” settings such that any crypto received by the Bitcoin ATM would instead be transferred to the hacker’s wallet address:

“The attacker was able to create an admin user remotely via CAS administrative interface via a URL call on the page that is used for the default installation on the server and creating the first administration user.”
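
The checks the advisory asks operators to make (patched release, admin interface reachable only from authorized IP addresses, reviewed buy/sell settings, no unexpected admin such as gb) can be run over an operator's own server inventory. This is an added example, not code from General Bytes or the original article; the record schema, function names and sample values are assumptions.

```python
import ipaddress

# Values taken from the article above.
PATCHED_MIN = {"20220725": 22, "20220531": 38}   # branch -> first fixed patch level
CAS_PORTS = {7777, 443}
ATTACKER_ADMIN = "gb"

def audit_cas(server, authorized_nets, expected_admins, own_wallets):
    """Return a list of findings for one server record (hypothetical schema)."""
    findings = []
    branch, _, patch = server["version"].partition(".")
    # Conservative: any release other than the two named patch lines is flagged.
    if not patch.isdigit() or int(patch) < PATCHED_MIN.get(branch, float("inf")):
        findings.append(f"version {server['version']} is not a listed patch release")
    for user in server["admin_users"]:
        if user == ATTACKER_ADMIN or user not in expected_admins:
            findings.append(f"unexpected admin user: {user}")
    allowed = [ipaddress.ip_network(n) for n in authorized_nets]
    for port, source in server["firewall_allow"]:
        src = ipaddress.ip_network(source)
        # An allow rule is acceptable only if its source lies inside an authorized network.
        if port in CAS_PORTS and not any(
            src.version == a.version and src.subnet_of(a) for a in allowed
        ):
            findings.append(f"port {port} reachable from unauthorized source {source}")
    for setting, address in server["crypto_settings"].items():
        if address not in own_wallets:
            findings.append(f"{setting} pays out to unknown address {address}")
    return findings

# Constructed sample record; networks and wallet strings are placeholders.
SAMPLE = {
    "version": "20220531.12",
    "admin_users": ["ops-admin", "gb"],
    "firewall_allow": [(7777, "0.0.0.0/0"), (443, "203.0.113.0/28"), (22, "0.0.0.0/0")],
    "crypto_settings": {"buy": "OPERATOR-WALLET-1", "sell": "UNKNOWN-WALLET-X"},
}

def run_sample():
    return audit_cas(SAMPLE, ["203.0.113.0/24"], {"ops-admin"}, {"OPERATOR-WALLET-1"})

if __name__ == "__main__":
    for finding in run_sample():
        print("FINDING:", finding)
```

Releases outside the two patch lines named in the article are flagged for manual confirmation rather than assumed safe.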
