Recently, a group of anonymous hackers exploited a zero-day bug in the General Bytes Bitcoin ATM servers to steal BTC from several customers. When customers purchase or deposit bitcoin through these ATMs, the vulnerability allows the hackers to divert the funds into their own wallets. General Bytes is one of the largest manufacturers of cryptocurrency ATMs and currently has nearly nine thousand crypto ATMs installed worldwide. These machines allow people to purchase, sell, or deposit over 40 different cryptocurrencies.
The General Bytes security advisory board published a memo on August 18th outlining the aspects of this zero-day exploit. The attacker was apparently able to create an admin user account remotely via the CAS admin panel. They achieved this by performing a URL call on the default installation page of the server, which is accessed by employees when they create their first admin account.
According to the advisory report, this vulnerability has been present in the CAS software since its previous version. The General Bytes team believes the hackers scanned the web for exposed servers on TCP ports 443 or 7777. All servers hosted at General Bytes and DigitalOcean run on these ports. Once they had created the fake admin account, the hackers could modify the ‘buy’ and ‘sell’ settings on the ATM servers and direct payments to an external wallet.
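A hunting check for the behaviour described above (a call to the first-run installation page on a server that is already set up), added here as an example and not taken from General Bytes or its advisory. The path `/INSTALL-PAGE-PLACEHOLDER`, the trusted network and the log lines are constructed assumptions, and the parser expects common-log-format web access logs.

```python
import re
from ipaddress import ip_address, ip_network

# Assumption: placeholder only; the article does not give the real install URL.
INSTALL_PATH = "/INSTALL-PAGE-PLACEHOLDER"
# Assumption: the network the operator's own staff administer the server from.
TRUSTED_NETS = [ip_network("10.0.0.0/8")]

LOG_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)

# Constructed sample lines (documentation IP ranges), not real traffic.
SAMPLE_LOG = """\
10.1.2.3 - - [01/Aug/2022:09:00:01 +0000] "GET /INSTALL-PAGE-PLACEHOLDER HTTP/1.1" 200 512
198.51.100.7 - - [10/Aug/2022:03:14:15 +0000] "GET /login HTTP/1.1" 200 900
203.0.113.9 - - [12/Aug/2022:02:11:40 +0000] "POST /INSTALL-PAGE-PLACEHOLDER?x=1 HTTP/1.1" 200 87
203.0.113.9 - - [12/Aug/2022:02:11:52 +0000] "GET /install-page-placeholder/ HTTP/1.1" 404 0
not a log line
"""

def is_trusted(ip):
    try:
        addr = ip_address(ip)
    except ValueError:
        return False  # unparsable client field: treat as untrusted
    return any(addr in net for net in TRUSTED_NETS)

def find_install_page_hits(log_text):
    """Return requests to the install page that came from outside TRUSTED_NETS."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that are not access-log entries
        # Normalise: drop the query string, trailing slash and letter case.
        path = m["target"].split("?", 1)[0].rstrip("/").lower()
        if path == INSTALL_PATH.lower() and not is_trusted(m["ip"]):
            hits.append({"ip": m["ip"], "time": m["ts"], "method": m["method"],
                         "status": int(m["status"]),
                         "served": m["status"].startswith("2")})
    return hits

if __name__ == "__main__":
    for hit in find_install_page_hits(SAMPLE_LOG):
        print(hit)
```

Hits with `served` set to true are the ones to correlate with the admin-user list and the ‘buy’ and ‘sell’ wallet settings.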
General Bytes has warned its customers not to use their Bitcoin ATMs until they have applied two updated server patches. There are currently eighteen General Bytes servers exposed to the open web, which might be vulnerable to the zero-day exploit. The majority of these exposed servers are located in Canada. General Bytes has also provided a checklist of steps users must follow when using its services.
Crypto hacks have soared in recent months, with over $3.2 billion lost to such incidents in 2021. The figure is already worse this year, so users must exercise caution when using any crypto or DeFi services. It’s also critically important that every crypto trader or user stays up to date with the latest information on the services they use.