Comprehensive up-to-date news coverage

HomeNewsTech NewsHackers are using a zero-day vulnerability to steal General Bytes' Bitcoin ATMs

Hackers are using a zero-day vulnerability to steal General Bytes’ Bitcoin ATMs

Published on

Follow us on Google News for latest updates and information.

News Tech: General Bytes, a company that makes bitcoin ATMs, had its computers hijacked by a zero-day assault on Thursday, allowing hackers to take over as the default administrators and change settings to direct all payments to their wallet address.

General Bytes, which owns and manages 8,827 Bitcoin ATMs that are available in more than 120 countries, acknowledged the theft. Prague serves as both the company’s headquarters and the location of the ATM factory. Customers of ATMs can buy or sell more than 40 coins.

The corporation has quickly recommended ATM operators to upgrade their software. The quantity of money taken and the number of affected ATMs have not been made public.

Since the hacker’s alterations, the company’s Crypto Application Server (CAS) software was updated on Thursday to version 20201208, exposing the vulnerability.

Since its founding in 2020, General Bytes claimed that multiple security assessments have been carried out, but none of them have discovered this issue.

According to the blog post by General Bytes’ security advisory team, the hackers used a zero-day vulnerability to attack the company’s CAS and steal the money. The CAS server controls every aspect of the ATM’s operation, including how cryptocurrency is bought and sold on exchanges and which coins are accepted.

A server hosted on General Bytes’ own cloud service was among those that the business believes the hackers “scanned for vulnerable servers running on TCP ports 7777 or 443, including servers.” The hackers then changed the “buy” and “sell” settings on the CAS, adding themselves as a default admin with the username “Gb,” so that any cryptocurrency the Bitcoin ATM received would instead be transferred to the hacker’s wallet address:

“The attacker was able to create an admin user remotely via CAS administrative interface via a URL call on the page that is used for the default installation on the server and creating the first administration user.”

Check the latest news about tech news section for best information.

Latest articles

Change or Sync Time in Windows 11

Hello everyone, in this article we will show you how Change or synchronize time...

Generate Battery Health Report in Windows 11

In this article we will talk about how to do it Generate battery health...

Fix ‘Not in Service Area’ Error in HBO Max

Hello everyone, in this article we will show you how fix "Not in service...

A planetary rover headed for Mars has been tested at a Milton Keynes quarry

In Science and Space: A planetary rover, potentially destined for a mission to...

More like this

Change or Sync Time in Windows 11

Hello everyone, in this article we will show you how Change or synchronize time...

Generate Battery Health Report in Windows 11

In this article we will talk about how to do it Generate battery health...

Fix ‘Not in Service Area’ Error in HBO Max

Hello everyone, in this article we will show you how fix "Not in service...

A planetary rover headed for Mars has been tested at a Milton Keynes quarry

In Science and Space: A planetary rover, potentially destined for a mission to...

Change Startup Folder of MS Word in Windows 11

In this article we will talk about how to do it Change the startup...

Amazon Fire tablet into a smart home hub with Device Dashboard

Hello everyone, today in this article we will show you how turn your Amazon...