NewsBestReviews

Bitcoin ATM Company Under Attack By Hackers Leveraging The Zero-Day Bug

General Bytes-owned ATMs have been exploited by hackers who remotely created an admin user account to steal funds.
Bitcoin
Dot
August 22, 2022
Chiagoziem Bede Ikwueze

Chiagoziem has gathered a wealth of experience, having worked for many prominent crypto-based businesses, including Revain, Whiteboard Crypto, DeRev, The Crypto Cartel, Crypto News, MoneySwitch, Full Value Dan, and Bitcompare. Over the past couple of years, his works have been featured in many publications and places. When he is not writing, he spends time working on his other digital businesses, playing video games, reading books, watching movies, and most importantly, enjoying quality time with loved ones.

in
TABLE OF CONTENTS

General Bytes released a statement, saying, “The attacker was able to create an admin user remotely via CAS administrative interface via a URL call on the page used for the default installation on the server and creating the first administration user. This vulnerability has been present in CAS software since version 20201208.”

The world’s largest Bitcoin ATM manufacturer, General Bytes, reported a security breach on August 18th. The hackers were able to compromise the company’s servers, redirecting crypto assets to their wallets.

They took advantage of the zero-day vulnerability in the company’s Crypto Application Server (CAS). General Bytes’ CAS manages the ATM operations, cryptocurrency purchases, and sales carried out on exchanges. Hence, the hackers created an admin user account through the CAS, making it vulnerable.

The company believes the hackers scanned for exposed servers on TCP ports 7777 or 443, including servers hosted on General Bytes’ cloud service. From there, the hackers could add themselves as default admins on the CAS named GB.

They then further modified the buy and sell settings so that they could transfer any crypto received by the Bitcoin ATM. 

In General Bytes' words;

“The attacker was able to create an admin user remotely via CAS administrative interface via a URL call on the page used for the default installation on the server and creating the first administration user. This vulnerability has been present in CAS software since version 20201208.”

Currently, the stolen amount and the number of compromised ATMs are unknown as General Bytes has yet to disclose the information.

General Bytes, which owns about 8,827 Bitcoin ATMs accessible in over 120 countries, has urged its customers to refrain from using their General Bytes ATM servers until it has updated the servers to patch releases 20220725.22 and 20220531.38 for customers running on 20220531.

Users are also advised to modify their server firewall settings so that no unauthorized IP addresses can access the CAS admin interface. Also, they should review their “SELL Crypto” settings before reactivating the terminals. This is to ensure that the hackers did not modify the settings such that the funds are transferred to them rather than the customer.

We're glad you read to this point!

Every week, we publish an email newsletter highlighting all the juicy stories we covered in the crypto space, bringing all the major happenings to your doorstep.

So, if you want to have top stories delivered to your email inbox every week, subscribe to our newsletter!

Bitcoin ATM
Hacking
Security Breach
The trusted provider of rates and financial information
Latest
Stablecoin Interest RatesCrypto Interest RatesCrypto Staking RewardsCrypto Lending RatesStablecoin Lending RatesStablecoin Staking Rewards
Best
Crypto Staking PlatformsCrypto Savings AccountsCrypto Lending PlatformsCrypto ExchangesCrypto Debit Cards
Learn
StakingCrypto LendingCrypto Loans
Company
Become a partnerCareersContact usAboutBytesDeveloper API
AI JobsPromptPalBecome a partnerContact usLegalPrivacySitemapCareersAbout
Get crypto smart in 5 minutes
Join readers from Coinbase, a16z, Binance, Uniswap, Sequoia and more for the latest staking rewards, tips, insights and news.
No spam, unsubscribe anytime. Read our Privacy Policy.
YOUR SUBSCRIPTION WAS SUCCESSFUL
Oops! Something went wrong while submitting the form.
© 2024 Bitcompare
PolicyTerms of UseSitemap

Bitcompare.net is a trading name of Tokentalk Ltd. Registered in England No. 11332964. Registered Office: Unit 3 Mitcham Industrial Estate, 85 Streatham Road, Mitcham, United Kingdom, CR4 2AP.

Advertiser disclosure: Bitcompare is a comparison engine that relies on advertising for funding. The business opportunities that can be found on this site are offered by companies with which Bitcompare has made deals. This relationship may affect the way and where products appear on the site, such as in what order they are listed in categories. Information about products may also be placed based on other factors, such as the ranking algorithms on our website. Bitcompare does not look at or list all companies or products on the market.

Editorial disclosure: The editorial content on Bitcompare is not provided by any of the companies mentioned, and has not been reviewed, approved, or otherwise endorsed by any of these entities. The opinions expressed here are the author’s alone. Additionally, the opinions expressed by the commenters do not necessarily reflect those of Bitcompare or its staff. When you leave a comment on this site, it will not show up until a Bitcompare administrator approves it.

Warning: The price of digital assets can be volatile. The value of your investment can go down or up, and you may not get back the amount invested. You are the only one who is responsible for the money you invest, and Bitcompare is not responsible for any losses you might have. Any APR shown is a rough estimate of how much cryptocurrency you will earn in rewards over the time period you choose. It does not display the actual or predicted returns or yields in any fiat currency. The APR is adjusted daily, and the estimated rewards may differ from the actual rewards generated. The information on this page is not meant to be a sign from Bitcompare that the information is correct or reliable. Before making any investment, you should carefully consider your investment experience, financial situation, investment objectives, and risk tolerance, and consult with an independent financial advisor. Links to third-party sites are not under the control of Bitcompare, and we are not responsible for the reliability or accuracy of such sites or their contents. For more information, see the Terms of Service for Bitcompare and our Risk Warning.

NewsBestReviews
Bitcoin
August 22, 2022

Bitcoin ATM Company Under Attack By Hackers Leveraging The Zero-Day Bug

HomeBitcoin
Blog Post
Contents

General Bytes released a statement, saying, “The attacker was able to create an admin user remotely via CAS administrative interface via a URL call on the page used for the default installation on the server and creating the first administration user. This vulnerability has been present in CAS software since version 20201208.”

The world’s largest Bitcoin ATM manufacturer, General Bytes, reported a security breach on August 18th. The hackers were able to compromise the company’s servers, redirecting crypto assets to their wallets.

They took advantage of the zero-day vulnerability in the company’s Crypto Application Server (CAS). General Bytes’ CAS manages the ATM operations, cryptocurrency purchases, and sales carried out on exchanges. Hence, the hackers created an admin user account through the CAS, making it vulnerable.

The company believes the hackers scanned for exposed servers on TCP ports 7777 or 443, including servers hosted on General Bytes’ cloud service. From there, the hackers could add themselves as default admins on the CAS named GB.

They then further modified the buy and sell settings so that they could transfer any crypto received by the Bitcoin ATM. 

In General Bytes' words;

“The attacker was able to create an admin user remotely via CAS administrative interface via a URL call on the page used for the default installation on the server and creating the first administration user. This vulnerability has been present in CAS software since version 20201208.”

Currently, the stolen amount and the number of compromised ATMs are unknown as General Bytes has yet to disclose the information.

General Bytes, which owns about 8,827 Bitcoin ATMs accessible in over 120 countries, has urged its customers to refrain from using their General Bytes ATM servers until it has updated the servers to patch releases 20220725.22 and 20220531.38 for customers running on 20220531.

Users are also advised to modify their server firewall settings so that no unauthorized IP addresses can access the CAS admin interface. Also, they should review their “SELL Crypto” settings before reactivating the terminals. This is to ensure that the hackers did not modify the settings such that the funds are transferred to them rather than the customer.

We're glad you read to this point!

Every week, we publish an email newsletter highlighting all the juicy stories we covered in the crypto space, bringing all the major happenings to your doorstep.

So, if you want to have top stories delivered to your email inbox every week, subscribe to our newsletter!

Bitcoin ATM
Hacking
Security Breach
Chiagoziem Bede Ikwueze

Chiagoziem has gathered a wealth of experience, having worked for many prominent crypto-based businesses, including Revain, Whiteboard Crypto, DeRev, The Crypto Cartel, Crypto News, MoneySwitch, Full Value Dan, and Bitcompare. Over the past couple of years, his works have been featured in many publications and places. When he is not writing, he spends time working on his other digital businesses, playing video games, reading books, watching movies, and most importantly, enjoying quality time with loved ones.

in

General Bytes released a statement, saying, “The attacker was able to create an admin user remotely via CAS administrative interface via a URL call on the page used for the default installation on the server and creating the first administration user. This vulnerability has been present in CAS software since version 20201208.”

The world’s largest Bitcoin ATM manufacturer, General Bytes, reported a security breach on August 18th. The hackers were able to compromise the company’s servers, redirecting crypto assets to their wallets.

They took advantage of the zero-day vulnerability in the company’s Crypto Application Server (CAS). General Bytes’ CAS manages the ATM operations, cryptocurrency purchases, and sales carried out on exchanges. Hence, the hackers created an admin user account through the CAS, making it vulnerable.

The company believes the hackers scanned for exposed servers on TCP ports 7777 or 443, including servers hosted on General Bytes’ cloud service. From there, the hackers could add themselves as default admins on the CAS named GB.

They then further modified the buy and sell settings so that they could transfer any crypto received by the Bitcoin ATM. 

In General Bytes' words;

“The attacker was able to create an admin user remotely via CAS administrative interface via a URL call on the page used for the default installation on the server and creating the first administration user. This vulnerability has been present in CAS software since version 20201208.”

Currently, the stolen amount and the number of compromised ATMs are unknown as General Bytes has yet to disclose the information.

General Bytes, which owns about 8,827 Bitcoin ATMs accessible in over 120 countries, has urged its customers to refrain from using their General Bytes ATM servers until it has updated the servers to patch releases 20220725.22 and 20220531.38 for customers running on 20220531.

Users are also advised to modify their server firewall settings so that no unauthorized IP addresses can access the CAS admin interface. Also, they should review their “SELL Crypto” settings before reactivating the terminals. This is to ensure that the hackers did not modify the settings such that the funds are transferred to them rather than the customer.

We're glad you read to this point!

Every week, we publish an email newsletter highlighting all the juicy stories we covered in the crypto space, bringing all the major happenings to your doorstep.

So, if you want to have top stories delivered to your email inbox every week, subscribe to our newsletter!

Written by
Chiagoziem Bede Ikwueze
Bitcoin ATM
Hacking
Security Breach

Acala Network Suffers Security Breach, Passes Vote To Halt Operations

DeFi
August 14, 2022
Acala, Polkadot’s decentralized finance network, had its protocols tampered with by hackers, causing it to pass an urgent vote to suspend operations until the issue is resolved.

Blockchain Investigator Claims Ronin Bridge Hackers Moved $625M To Bitcoin Network

Bitcoin
August 22, 2022
The perpetrators behind one of the largest crypto hacks allegedly used Tornado Cash as one of the several means to conceal the transactions and transfer the $625M worth of USDC and Ethereum tokens to the Bitcoin network.

Curve Finance Loses Over $520K After DNS Hijack

DeFi
August 9, 2022
The firm behind the CRV token, Curve Finance, became the latest victim of hacking when a DNS hijack compromised its front end.

Celer Network’s cBridge Frontend Hit By DNS Hijack

DeFi
August 18, 2022
Level 2 scaling protocol Celer Network is the latest target of crypto hacking as the platform reports seeing potential signs of a DNS hijack of its cBridge frontend.

Bitcoin registers record daily transactions amidst Runes surge

Bitcoin
April 26, 2024
Propelled by a sudden spike in the popularity of Runes, the Bitcoin network recorded a new high of over 926,800 daily transactions.

Living in Algarve: Tax-Free Crypto Living

Crypto tax
April 25, 2024
Are you contemplating the dream of living in Algarve? Understanding the nuances of daily life in this sun-drenched part of Portugal is crucial, whether it’s navigating the property market, assessing the cost of living, or immersing yourself in the culture and community.

Crypto.com delays app launch in South Korea after regulatory setback

Crypto exchanges
April 24, 2024
Crypto.com has postponed its launch in South Korea following reports of a money laundering probe conducted by local authorities. 

Ripple opposes the SEC's plea for a $1.95B fine

Crypto regulation
April 23, 2024
In a recent court filing, Ripple requested the court to reject the SEC's plea on charging a $1.95B fine from the firm.

Layer-2 tokens surge past Bitcoin post-halving

Bitcoin
April 23, 2024
In the wake of its fourth halving event, layer-2 coins associated with the Bitcoin blockchain saw significant gains, outperforming BTC itself. 

Network update causes block production outage on Polkadot parachains

Altcoins
April 22, 2024
Polkadot faced a temporary disruption in block production across its parachains following a major network upgrade. 

Bitcoin transaction fees plunge after halving event

Bitcoin
April 22, 2024
The Bitcoin transaction fees, which soared to an all-time high during the fourth halving event, have declined dramatically in the aftermath.

Grayscales unveils 0.15% fee structure for Bitcoin Mini Trust ETF

Bitcoin
April 21, 2024
In a recent filing, ETF provider Grayscale announced a low fee of 0.15% on the Bitcoin Mini Trust, its newest exchange-traded fund.

Bitcoin network successfully undergoes fourth halving event

Bitcoin
April 20, 2024
The Bitcoin network has completed its fourth halving event with the addition of block 840,000 to the blockchain. However, the transaction fees rose significantly following the historical event. 

Tether introduces four business divisions to expand beyond stablecoins

Stablecoins
April 18, 2024
Tether announced its plans to undergo restructuring in a bid to diversify its portfolio and venture beyond the stablecoin market.

Upbit temporarily ceases deposits and withdrawals exceeding 1M Won

Crypto exchanges
April 17, 2024
Upbit has halted crypto transactions that exceed one million Won (equivalent to $722) following changes in the services provided by its VASP.

What is Cronos (CRO): A Complete Dive

Altcoins
April 17, 2024
Cronos (CRO), a pioneering blockchain technology backed by a committed team, aims to shape the future of the digital field through innovative solutions and a focus on DeFi
The trusted provider of rates and financial information
Latest
Stablecoin Interest RatesCrypto Interest RatesCrypto Staking RewardsCrypto Lending RatesStablecoin Lending RatesStablecoin Staking Rewards
Best
Crypto Staking PlatformsCrypto Savings AccountsCrypto Lending PlatformsCrypto ExchangesCrypto Debit Cards
Learn
StakingCrypto LendingCrypto Loans
Company
Become a partnerCareersContact usAboutBytesDeveloper API
AI JobsPromptPalBecome a partnerContact usLegalPrivacySitemapCareersAbout
Get crypto smart in 5 minutes
Join readers from Coinbase, a16z, Binance, Uniswap, Sequoia and more for the latest staking rewards, tips, insights and news.
No spam, unsubscribe anytime. Read our Privacy Policy.
YOUR SUBSCRIPTION WAS SUCCESSFUL
Oops! Something went wrong while submitting the form.
© 2024 Bitcompare
PolicyTerms of UseSitemap

Bitcompare.net is a trading name of Tokentalk Ltd. Registered in England No. 11332964. Registered Office: Unit 3 Mitcham Industrial Estate, 85 Streatham Road, Mitcham, United Kingdom, CR4 2AP.

Advertiser disclosure: Bitcompare is a comparison engine that relies on advertising for funding. The business opportunities that can be found on this site are offered by companies with which Bitcompare has made deals. This relationship may affect the way and where products appear on the site, such as in what order they are listed in categories. Information about products may also be placed based on other factors, such as the ranking algorithms on our website. Bitcompare does not look at or list all companies or products on the market.

Editorial disclosure: The editorial content on Bitcompare is not provided by any of the companies mentioned, and has not been reviewed, approved, or otherwise endorsed by any of these entities. The opinions expressed here are the author’s alone. Additionally, the opinions expressed by the commenters do not necessarily reflect those of Bitcompare or its staff. When you leave a comment on this site, it will not show up until a Bitcompare administrator approves it.

Warning: The price of digital assets can be volatile. The value of your investment can go down or up, and you may not get back the amount invested. You are the only one who is responsible for the money you invest, and Bitcompare is not responsible for any losses you might have. Any APR shown is a rough estimate of how much cryptocurrency you will earn in rewards over the time period you choose. It does not display the actual or predicted returns or yields in any fiat currency. The APR is adjusted daily, and the estimated rewards may differ from the actual rewards generated. The information on this page is not meant to be a sign from Bitcompare that the information is correct or reliable. Before making any investment, you should carefully consider your investment experience, financial situation, investment objectives, and risk tolerance, and consult with an independent financial advisor. Links to third-party sites are not under the control of Bitcompare, and we are not responsible for the reliability or accuracy of such sites or their contents. For more information, see the Terms of Service for Bitcompare and our Risk Warning.