free counter

Hackers Target General Bytes Bitcoin ATMs


57 mins agoMon Aug 22 2022 09: 15: 31


Reading Time: 2 minutes

  • Hackers were able to divert funds from General Bytes Bitcoin ATMs recently
  • The attackers created admin makes up about themselves and stole user bitcoin
  • General Bytes hasnt revealed just how much bitcoin was taken

Hackers were able to infiltrate the servers of Bitcoin ATM manufacturer General Bytes recently and divert funds with their own wallets. The quantity of funds stolen and the amount of ATMs compromised wasnt disclosed by the business, which operates 8,827 machines worldwide, but General Bytes notes that the attack came on the 3rd day after it announced a Help Ukraine feature on ATMs, with hackers seemingly longing for a charity windfall. Kraken Security Labs revealed this past year that the sort of machines targeted were riddled with security flaws, including a possible admin takeover.

User Funds Diverted

General Bytes reported the incident the other day, releasing a security notification on its website to state that the hackers had were able to update the program on its bidirectional machines that allowed them to make a new default admin user and utilize it to divert coins delivered to the ATM with their own wallets.

Bidirectional ATMs (or two-way), allow users to convert cash to bitcoin and bitcoin to cash, instead of the initial generation of machines which only allows cash to bitcoin conversions. General Bytes has some 7,000 bidirectional machines installed in america, but since it is around individual operators to update the program, it really is unknown just how many machines were suffering from the hack.

Hackers Created Admin Account

General Bytes stated that the hackers could actually develop a new admin account and divert funds to themselves, but were very keen to reassure operators that usage of the host operation system, host file system and database weren’t gained.

Users may also be relieved to learn that the hackers didnt access any passwords, password hashes, salts, private keys or API keys. However, considering that some users may have lost bitcoin to the hackers due to the vulnerability, it really is hoped that General Bytes will refund their losses, although this is not stated in the update.

Kraken Predicted Security Flaws

This news shouldnt come as a surprise considering that this past year Kraken Security Labs discovered a variety of flaws generally Bytes bidirectional Bitcoin ATMs, with one attack vector specifically associated with the admin accounts.

General Bytes has issued a crisis patch, adding that several security audits had occurred since 2020, none which identified this vulnerability. With Kraken identifying several flaws in October this past year, General Bytes should have a word using its security auditor.

Read More

Related Articles

Leave a Reply

Your email address will not be published.

Back to top button

Adblock Detected

Please consider supporting us by disabling your ad blocker