• Contact Us
  • Affiliate Disclosure
  • Privacy Policy
  • Terms of Use
  • DMCA
Saturday, January 28, 2023
WongaNews.com
  • Live Prices
  • Crypto News
  • Bitcoin
  • Altcoins
  • NFT News
  • Blockchain
  • Regulations
  • Trading
No Result
View All Result
  • Live Prices
  • Crypto News
  • Bitcoin
  • Altcoins
  • NFT News
  • Blockchain
  • Regulations
  • Trading
No Result
View All Result
WongaNews.com
No Result
View All Result

General Bytes Bitcoin ATMs compromised by threat actors

August 22, 2022
in Crypto News
Reading Time: 3 mins read
A A
ShareShareShareShareShare

Related articles

Meta Masters Guild Raises Over $1.5 Million During Presale with Just Days Left Before 23% Price Rise

January 28, 2023

Biden Administration announces roadmap for reducing crypto risks

January 28, 2023

Source: gualtiero boffi – shutterstock

  • Bitcoin ATM manufacturer General Bytes has asked all ATM operators to update their software after its server was compromised through a zero-day attack.
  • This attack comes almost a year after Kraken Security Labs disclosed the vulnerability of most Bitcoin ATMs as their default admin QR code has never been changed.

Bitcoin ATM manufacturer General Bytes has asked all ATM operators to update their software after its server was compromised through a zero-day attack. According to the company’s security advisory team, the threat actors hacked into its Crypto Application Server (CAS) and stole funds. 

The hackers scanned for exposed servers running on TCP ports 7777 or 443, including servers hosted on General Bytes’ cloud service.

It is important to note that the CAS controls its entire operation including the buying and selling of cryptos. After gaining control, the hackers modified the settings to add themselves as default administrators on the CAS, named gb. From there, the hackers compromised the buy and sell settings, to ensure that all assets sent to the ATMs are redirected to the wallet addresses controlled by them. They also reportedly made away with some funds.

The attacker was able to create an admin user remotely via CAS administrative interface via a URL call on the page that is used for the default installation on the server and creating the first administration user.

Regardless of the information given, the company has not disclosed the amount stolen and the ATMs affected. 

Kraken Security Labs pointed out vulnerabilities in General Bytes

It is important to note that General Bytes own and operate over 8827 Bitcoin ATMs across 120 countries. Customers can as well access over 40 crypto assets on its various ATMs. As part of its effort to mitigate the impact, the company has advised customers to not use its ATM servers till they are updated to “patch releases 20220725.22, and 20220531.38 for customers running on 20220531.”

Customers are also reminded to review their “Sell Crypto Settings” before reactivating the terminals. This is to cross-check whether hackers modified their settings to redirect all received funds into their wallet addresses. To ensure that the CAS admin interface is only accessed from authorized IP addresses, customers have also been asked to modify their server firewall settings. In response to criticisms that the company did not invest enough in security audits to prevent this attack, it has stated that several audits have been conducted since 2020. 

This attack comes almost a year after Kraken Security Labs disclosed the vulnerability of most Bitcoin ATMs as their default admin QR code has never been changed. In the report, the security firm observed that General Bytes’ BATMTwo ATM range had several hardware and software vulnerabilities. According to Kraken, it is easier for hackers to compromise any ATM if they get access to the administrative code. In response, General Bytes reportedly informed ATM operators of the vulnerabilities.

Kraken Security Labs reported the vulnerabilities to General Bytes on April 20, 2021, they released patches to their backend system (CAS) and alerted their customers, but full fixes for some of the issues may still require hardware revisions.


Credit: Source link

ShareTweetSendPinShare
Previous Post

The Music NFT Show: Podcast Episode 16

Next Post

Tether, Circle, other stablecoin issuers’ govt. debt stands at $80 billion

Related Posts

Meta Masters Guild Raises Over $1.5 Million During Presale with Just Days Left Before 23% Price Rise

January 28, 2023

Meta Masters Guild’s decentralized gaming ecosystem has raised more than $1.5 million in its ongoing presale. Aiming to be the...

Biden Administration announces roadmap for reducing crypto risks

January 28, 2023

Following a year in which the crypto sector experienced some of the worst upheavals in its short history, the White...

IOTA enters next phase of European Commission’s Blockchain Pre-Commercial Procurement

January 28, 2023

The IOTA Foundation successfully completed the testing of Phase 2A of the EU blockchain Pre-Commercial Procurement. In Phase 2B, IOTA...

Break Or Make Movement For Crypto Market

January 28, 2023

Despite the recent negative impact by the macroeconomic environment and bankruptcies, the cryptocurrencies have managed to rise since the start...

Azuki’s Official Twitter Account Hacked, Over $750,000 Drained

January 28, 2023

NFT collection Azuki’s official Twitter account was compromised on Friday afternoon, according to an update released by the Azuki team. ...

Load More
Next Post

Tether, Circle, other stablecoin issuers' govt. debt stands at $80 billion

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recommended

Cryptocurrency Exchanges Still Fighting Private Banks for Right to Open Bank Accounts in Chile – Regulation Bitcoin News

January 13, 2023

Silvergate and Genesis layoffs; Mango exploiter detained

January 5, 2023

Justin Sun denies that Huobi is planning layoffs

January 3, 2023

About Us

Wonga News is an online news portal that aims to provide the latest crypto news, blockchain, regulations, and much more stuff like that around the world. We promise to share only high quality content from the world's best crypto sources. Feel free to get in touch with us!

What’s New Here!

  • L’Dezen Shines With NFT Fashion Accessories
  • Meta Masters Guild Raises Over $1.5 Million During Presale with Just Days Left Before 23% Price Rise
  • How crypto turned Portugal into a promised land for entrepreneurs

Newsletter

Loading
  • Contact Us
  • Affiliate Disclosure
  • Privacy Policy
  • Terms of Use
  • DMCA

© 2022 WongaNews.com - All Rights Reserved!

No Result
View All Result
  • Live Prices
  • Crypto News
  • Bitcoin
  • Altcoins
  • NFT News
  • Blockchain
  • Regulations
  • Trading

© 2022 - WongaNews.com - All Rights Reserved!

  • bitcoinBitcoin(BTC)$23,039.00-0.44%
  • ethereumEthereum(ETH)$1,578.40-0.75%
  • USDEXUSDEX(USDEX)$1.07-0.47%
  • tetherTether(USDT)$1.000.05%
  • usd-coinUSD Coin(USDC)$1.000.08%
  • binancecoinBNB(BNB)$307.290.18%
  • rippleXRP(XRP)$0.4114140.42%
  • binance-usdBinance USD(BUSD)$1.00-0.04%
  • cardanoCardano(ADA)$0.3867611.29%
  • dogecoinDogecoin(DOGE)$0.0889202.74%
  • matic-networkPolygon(MATIC)$1.15-1.70%
  • okbOKB(OKB)$39.699.44%
  • solanaSolana(SOL)$24.17-0.03%
  • staked-etherLido Staked Ether(STETH)$1,577.26-0.56%
  • polkadotPolkadot(DOT)$6.45-0.10%
  • shiba-inuShiba Inu(SHIB)$0.0000122.15%
  • avalanche-2Avalanche(AVAX)$20.9013.67%
  • litecoinLitecoin(LTC)$88.270.26%
  • tronTRON(TRX)$0.062603-0.46%
  • daiDai(DAI)$1.00-0.04%
  • uniswapUniswap(UNI)$6.67-1.09%
  • wrapped-bitcoinWrapped Bitcoin(WBTC)$23,021.00-0.04%
  • cosmosCosmos Hub(ATOM)$13.331.13%
  • ToncoinToncoin(TON)$2.532.24%
  • chainlinkChainlink(LINK)$7.26-0.49%
  • leo-tokenLEO Token(LEO)$3.80-1.18%
  • moneroMonero(XMR)$182.233.34%
  • ethereum-classicEthereum Classic(ETC)$21.82-0.05%
  • AptosAptos(APT)$18.201.75%
  • bitcoin-cashBitcoin Cash(BCH)$132.90-2.00%
  • Aerarium FiAerarium Fi(AERA)$7.12-13.06%
  • stellarStellar(XLM)$0.0928890.44%
  • apecoinApeCoin(APE)$6.11-1.52%
  • quant-networkQuant(QNT)$148.90-2.41%
  • nearNEAR Protocol(NEAR)$2.48-1.26%
  • crypto-com-chainCronos(CRO)$0.080919-0.12%
  • filecoinFilecoin(FIL)$5.29-1.34%
  • lido-daoLido DAO(LDO)$2.27-5.03%
  • algorandAlgorand(ALGO)$0.2562541.37%
  • vechainVeChain(VET)$0.024028-1.98%
  • hedera-hashgraphHedera(HBAR)$0.067818-2.31%
  • internet-computerInternet Computer(ICP)$5.94-1.68%
  • axie-infinityAxie Infinity(AXS)$11.460.10%
  • decentralandDecentraland(MANA)$0.714.02%
  • aaveAave(AAVE)$84.64-3.94%
  • eosEOS(EOS)$1.09-2.48%
  • the-sandboxThe Sandbox(SAND)$0.74-0.45%
  • fantomFantom(FTM)$0.449326-5.84%
  • elrond-erd-2MultiversX(EGLD)$44.520.06%
  • flowFlow(FLOW)$1.06-2.40%