Zero-Day Bug Allows Crypto Hackers to Drain $1.6M From Bitcoin ATMs
After its second cyberattack in under a year, General Bytes urges customers to up the security on their personal accounts to prevent losses from hackers.
Over St. Patrick's Day weekend, unidentified hackers stole more than $1.6 million in cryptocurrency from Bitcoin ATMs owned by General Bytes.
In what the ATM owner called a security incident of the highest severity, threat actors were able to exploit a zero-day flaw by uploading "his own java application remotely via the master service interface used by terminals to upload videos, and run it using batm user privileges," the advisory released by General Bytes stated.
Once the attackers were able to accomplish this, they secured access to the database, where they were able to "read and decrypt API keys used to access funds in hot wallets and exchanges, send funds from hot wallets, and download usernames, password hashes" as well as turn off the two-factor authentication (2FA) feature.
This cryptocurrency-related breach is the second aimed at General Bytes in under a year, the last of which occurred less than a year ago, in August.
Though the company has stated that it has run multiple security audits since 2021, this was a vulnerability that was never caught. General Bytes advises its terminal operator customers to keep their servers behind firewalls and VPNs, as well as assume that the passwords and API keys to exchanges and hot wallets used by end users are compromised — and should be changed accordingly.
About the Author(s)
You May Also Like
Beyond Spam Filters and Firewalls: Preventing Business Email Compromises in the Modern Enterprise
April 30, 2024Key Findings from the State of AppSec Report 2024
May 7, 2024Is AI Identifying Threats to Your Network?
May 14, 2024Where and Why Threat Intelligence Makes Sense for Your Enterprise Security Strategy
May 15, 2024Safeguarding Political Campaigns: Defending Against Mass Phishing Attacks
May 16, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024