Hackers are targeting Bitcoin ATMs through zero-day attacks

– Several General Bytes crypto ATMs were hacked through zero-day exploits. – Threat actors are redirecting customer deposits and sales to their external wallets. – General Bytes is advising users not to use their ATMs until the latest server patches are released.

[{"selector":"#anim-180fadff-ce7e-48e1-85b8-8ede72a32a67","keyframes":{"opacity":[0,1]},"delay":0,"duration":7000,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] [{"selector":"#anim-8a20bd4f-81be-4e6c-a170-d24289aba65e","keyframes":{"transform":["translate3d(-100%, 0px, 0)","translate3d(0px, 0px, 0)"]},"delay":0,"duration":7000,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] [{"selector":"#anim-84bc72de-9d17-4741-869e-99bcad9e6595","keyframes":{"opacity":[0,1]},"delay":0,"duration":1200,"easing":"cubic-bezier(.3,0,.55,1)","fill":"both"}] [{"selector":"#anim-3e4af7b7-b31f-4ed0-bf61-dba6b086c152","keyframes":{"transform":["scale(0.3333333333333333)","scale(1)"]},"delay":0,"duration":1200,"easing":"cubic-bezier(.3,0,.55,1)","fill":"forwards"}] Green Star Recently, a group of anonymous hackers have exploited a zero-day bug in the General Bytes Bitcoin ATM servers to steal BTC from several customers. When the customers purchase or deposit bitcoin through these ATMs, the zero-day vulnerability allows hackers to divert the funds into their own wallets. General Bytes is one of the largest manufacturers of cryptocurrency ATMs. Currently, they have nearly nine thousand crypto ATMs installed worldwide. They allow people to purchase, sell, or deposit over 40 different cryptocurrencies.

How are hackers targeting the Bitcoin ATMs?

[{"selector":"#anim-d7f0daa0-a981-43d5-abe9-f7b7a59faa05","keyframes":{"opacity":[0,1]},"delay":0,"duration":1800,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] [{"selector":"#anim-9ec5e40c-6f5e-4966-8631-ab0c8c0f8a3f","keyframes":{"transform":["translate3d(1246.42796%, 0px, 0)","translate3d(0px, 0px, 0)"]},"delay":0,"duration":1800,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] Green Star The General Bytes security advisory board published a memo on August 18th outlining the aspects of this zero-day exploit. The attacker was apparently able to create an admin user account remotely via the CAS admin panel. They achieved this by performing a URL call on the default installation page of the server, which is accessed by employees when they create their first admin account.

[{"selector":"#anim-7f35a27a-9d54-40ff-aa48-99486d3b2458","keyframes":{"opacity":[0,1]},"delay":0,"duration":1800,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] [{"selector":"#anim-aa211151-0724-471d-8ae7-df3a62af3264","keyframes":{"transform":["translate3d(1246.42796%, 0px, 0)","translate3d(0px, 0px, 0)"]},"delay":0,"duration":1800,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] Green Star According to the advisory report, this vulnerability has been present in the CAS software since its previous version. The General Bytes team believes hackers scanned the web for exposed servers on TCP ports 443 or 7777. All servers hosted at General Bytes and Digital Oceans run on these ports. Once they created the fake admin account, hackers could modify the ‘buy’ and ‘sell’ settings on the ATM servers and direct payments to an external wallet.

Users warned not to use BTC ATMs for now

[{"selector":"#anim-c35e7400-c2fa-4cf3-8a26-07b2abd4ae02","keyframes":{"opacity":[0,1]},"delay":0,"duration":1800,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] [{"selector":"#anim-98055f5e-c37b-44b6-8496-f4662b9e55fb","keyframes":{"transform":["translate3d(1246.42796%, 0px, 0)","translate3d(0px, 0px, 0)"]},"delay":0,"duration":1800,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] Green Star General Bytes has warned its customers not to use their Bitcoin ATMs until they applied two updated server patches. There are currently eighteen General Bytes servers exposed to the open web, which might be vulnerable to a zero-day exploit. The majority of these exposed servers are located in Canada. They have also provided a checklist of steps users must follow when using their services.

[{"selector":"#anim-00c18522-59a5-432e-bcd1-0e07f3d83b14","keyframes":{"opacity":[0,1]},"delay":0,"duration":7000,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] [{"selector":"#anim-d8bb5a2b-a1f2-4328-83b9-ab36cb1f08dd","keyframes":{"transform":["translate3d(-100%, 0px, 0)","translate3d(0px, 0px, 0)"]},"delay":0,"duration":7000,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] [{"selector":"#anim-be5e9c25-dded-4d65-8a52-d8eae7b87949","keyframes":{"opacity":[0,1]},"delay":0,"duration":1200,"easing":"cubic-bezier(.3,0,.55,1)","fill":"both"}] [{"selector":"#anim-e9604f2a-2191-432c-9147-e7642ddf99bc","keyframes":{"transform":["scale(0.3333333333333333)","scale(1)"]},"delay":0,"duration":1200,"easing":"cubic-bezier(.3,0,.55,1)","fill":"forwards"}] Green Star Crypto hacks have soared in recent months, with over $3.2 billion lost to such incidents in 2021. The figure is already worse this year, so users must take caution when using any crypto or DeFi services. It’s also critically important that every crypto trader or user is always up to date with the latest information on the services they use.

We Bring You Industry News And More

[{"selector":"#anim-2936db5b-8120-4953-9a97-dbe84191e876","keyframes":{"opacity":[0,1]},"delay":0,"duration":1800,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] [{"selector":"#anim-f8a08ba2-420d-42c7-9d53-d278e459f0e7","keyframes":{"transform":["translate3d(1246.42796%, 0px, 0)","translate3d(0px, 0px, 0)"]},"delay":0,"duration":1800,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] Green Star

Hackers are targeting Bitcoin ATMs through zero-day attacks

– Several General Bytes crypto ATMs were hacked through zero-day exploits. – Threat actors are redirecting customer deposits and sales to their external wallets. – General Bytes is advising users not to use their ATMs until the latest server patches are released.

How are hackers targeting the Bitcoin ATMs?

Users warned not to use BTC ATMs for now

We Bring You Industry News And More

What New Coins are Coming to Crypto com?