Key Points:
- The GENERAL BYTES cryptocurrency ATM service was attacked.
- The attacker used the upload interface in the system to upload and run a malicious Java program to obtain the permissions of the database in the server and the hot wallet withdrawal API Key.
- GENERAL BYTES also encountered a security incident in August 2022.
GENERAL BYTES, the manufacturer of Bitcoin ATMs, reported the most serious security incident.
Customers were urged to take quick steps to secure their personal information, according to a statement issued by the firm.
The attacker discovered a security flaw in the master service interface, which Bitcoin ATMs utilize to upload videos to the server. This is manifested in the capacity to read and decode API keys used to get access to money in hot wallets and exchanges.
The attacker examined the Digital Ocean cloud hosting IP address space and discovered CAS services operating on port 7741, including the General Bytes Cloud service and other GB ATM operators with servers hosted by Digital Ocean, the company’s cloud hosting provider.
Utilizing this security flaw, the attacker immediately uploaded his own program to the application server utilized by the admin interface. By default, the application server was set to run apps in its deployment folder.
The attacker may also get access to the database, obtain user names and password hashes, and disable 2FA. This disables security measures that might jeopardize user accounts.
According to the notification, users should consider all of their CAS passwords, API keys to exchanges, and hot wallets to have been stolen and disclosed. It is critical to produce new API keys, invalidate existing ones, and update all user passwords.
GENERAL BYTES is also shutting down its Cloud service to prevent further data breaches. There have been no claims of harm at this time, although the firm has disclosed wallet addresses that have been compromised.
Previously, GENERAL BYTES was subjected to another incident in which hackers used a zero-day vulnerability to redirect cash into their own accounts using General Bytes Bitcoin ATM servers.
DISCLAIMER: The Information on this website is provided as general market commentary and does not constitute investment advice. We encourage you to do your own research before investing.
Join us to keep track of news: https://linktr.ee/coincu
Harold
Coincu News
