Hackers Robbed General Bytes Bitcoin ATMs Using a Zero-day Vulnerability

Key Takeaways:

  • Hackers took advantage of a zero-day flaw in General Bytes’ servers, which run the company’s Bitcoin ATMs.
  • The company said the vulnerability had been present since 2020.
  • In 12 countries, General Bytes owns approximately 8000 crypto ATMs.

Malicious actors were able to steal cryptocurrency from users who bought or deposited bitcoin using these ATMs by taking advantage of a zero-day issue in the General Bytes Bitcoin ATM servers.

With more than 9,000 crypto ATMs deployed worldwide, General Bytes is presently one of the largest Bitcoin, Blockchain, and cryptocurrency ATM manufacturers. Depending on the product, people can purchase, trade, or deposit more than 40 distinct cryptocurrencies.

The business asserted that hackers exploited a zero-day vulnerability in its crypto application server (CAS), gaining access to administrator capabilities, changing the receiver wallet address, and enabling users to purchase and sell cryptocurrencies using stolen money.

The flaw has been present since the hacker’s changes brought the CAS software up to version 20201208 on Thursday. The term “zero-day,” also written “0-day,” refers to a defect that attackers exploit before it has been fixed in the original code. It usually appears alongside “vulnerability,” “exploit,” or “attack.”

General Bytes’ version upgrade notes, which were made public on the 18th, stated the following:

The CAS administrative interface’s URL call on the page used for the server’s default installation and generating the initial administration user allowed the attacker to establish an admin user remotely.

The company’s Bitcoin ATMs are controlled by a remote Crypto Application Server (CAS), which oversees the ATM’s general operations, including which cryptocurrencies are enabled, real-time buying and selling of cryptocurrencies on exchanges, and adding or delisting coins for transactions.

Customers have also been instructed to change their server firewall configurations so that, among other things, the CAS admin interface can only be accessed from permitted IP addresses.

General Bytes also advised users to check their “SELL Crypto Setting” before reactivating the terminals to ensure that the hackers hadn’t changed the settings so that any received monies would be transmitted to them instead (and not the customers).
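The checks described above (a remotely created admin user, a changed receiver wallet, and admin access limited to permitted IP addresses) can be run as one review before terminals are reactivated. The following is an added example, not General Bytes code: the export format, account names, wallet labels, paths and address ranges are all constructed assumptions.

```python
import ipaddress

# Constructed sample data in a hypothetical export format (not the CAS data model).
PERMITTED_NETS = ["203.0.113.0/28", "198.51.100.7/32"]  # operator's allowlist
BASELINE = {"admins": {"ops-alice", "ops-bob"},
            "sell_wallets": {"terminal-01": "WALLET-OPERATOR-A",
                             "terminal-02": "WALLET-OPERATOR-A"}}
CURRENT = {"admins": {"ops-alice", "ops-bob", "admin2"},
           "sell_wallets": {"terminal-01": "WALLET-OPERATOR-A",
                            "terminal-02": "WALLET-UNKNOWN-X"}}
# "<source ip> <path>" per request to the admin interface (paths are hypothetical)
ADMIN_ACCESS_LOG = ["203.0.113.5 /login", "192.0.2.44 /setup-page",
                    "198.51.100.7 /settings", "not-an-ip /login"]

def unexpected_admins(baseline, current):
    """Admin accounts that exist now but are absent from the known-good list."""
    return sorted(current["admins"] - baseline["admins"])

def changed_sell_wallets(baseline, current):
    """Terminals whose sell-side receiving wallet differs from the baseline."""
    changed = {}
    for terminal, wallet in current["sell_wallets"].items():
        expected = baseline["sell_wallets"].get(terminal)
        if wallet != expected:
            changed[terminal] = (expected, wallet)
    return changed

def off_allowlist_requests(log_lines, permitted):
    """Admin-interface requests whose source is outside the permitted ranges."""
    nets = [ipaddress.ip_network(n) for n in permitted]
    hits = []
    for line in log_lines:
        src, _, path = line.partition(" ")
        try:
            addr = ipaddress.ip_address(src)
        except ValueError:  # fail closed: an unreadable source is a finding
            hits.append((src, path, "unparseable source"))
            continue
        if not any(addr in net for net in nets):
            hits.append((src, path, "outside permitted ranges"))
    return hits

def safe_to_reactivate(baseline, current, log_lines, permitted):
    """True only when all three checks come back empty."""
    return not (unexpected_admins(baseline, current)
                or changed_sell_wallets(baseline, current)
                or off_allowlist_requests(log_lines, permitted))

if __name__ == "__main__":
    print("unexpected admins:", unexpected_admins(BASELINE, CURRENT))
    print("changed sell wallets:", changed_sell_wallets(BASELINE, CURRENT))
    print("off-allowlist requests:", off_allowlist_requests(ADMIN_ACCESS_LOG, PERMITTED_NETS))
```

Any non-empty result means the terminals stay offline until the finding is explained.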

The first bitcoin ATM appeared in a Vancouver, Canada, coffee shop in 2013. Since then, bitcoin ATMs have appeared in countless cities and countries. According to information from Coin ATM Radar, there are currently 36,610 bitcoin ATMs spread across 77 different nations.

The first Bitcoin ATM was set up in May in Cuenca, Ecuador. Although there is no KYC, the ATM contains a fingerprint scanner in case regulations change in the future.
