BestReviewsLearn

Bitcoin ATM Company Under Attack By Hackers Leveraging The Zero-Day Bug

General Bytes-owned ATMs have been exploited by hackers who remotely created an admin user account to steal funds.
Bitcoin
Dot
January 29, 2023
Chiagoziem Bede Ikwueze

Chiagoziem has gathered a wealth of experience, having worked for many prominent crypto-based businesses, including Revain, Whiteboard Crypto, DeRev, The Crypto Cartel, Crypto News, MoneySwitch, Full Value Dan, and Bitcompare. Over the past couple of years, his works have been featured in many publications and places. When he is not writing, he spends time working on his other digital businesses, playing video games, reading books, watching movies, and most importantly, enjoying quality time with loved ones.

in
TABLE OF CONTENTS

General Bytes released a statement, saying, “The attacker was able to create an admin user remotely via CAS administrative interface via a URL call on the page used for the default installation on the server and creating the first administration user. This vulnerability has been present in CAS software since version 20201208.”

The world’s largest Bitcoin ATM manufacturer, General Bytes, reported a security breach on August 18th. The hackers were able to compromise the company’s servers, redirecting crypto assets to their wallets.

They took advantage of the zero-day vulnerability in the company’s Crypto Application Server (CAS). General Bytes’ CAS manages the ATM operations, cryptocurrency purchases, and sales carried out on exchanges. Hence, the hackers created an admin user account through the CAS, making it vulnerable.

The company believes the hackers scanned for exposed servers on TCP ports 7777 or 443, including servers hosted on General Bytes’ cloud service. From there, the hackers could add themselves as default admins on the CAS named GB.

They then further modified the buy and sell settings so that they could transfer any crypto received by the Bitcoin ATM. 

In General Bytes' words;

“The attacker was able to create an admin user remotely via CAS administrative interface via a URL call on the page used for the default installation on the server and creating the first administration user. This vulnerability has been present in CAS software since version 20201208.”

Currently, the stolen amount and the number of compromised ATMs are unknown as General Bytes has yet to disclose the information.

General Bytes, which owns about 8,827 Bitcoin ATMs accessible in over 120 countries, has urged its customers to refrain from using their General Bytes ATM servers until it has updated the servers to patch releases 20220725.22 and 20220531.38 for customers running on 20220531.

Users are also advised to modify their server firewall settings so that no unauthorized IP addresses can access the CAS admin interface. Also, they should review their “SELL Crypto” settings before reactivating the terminals. This is to ensure that the hackers did not modify the settings such that the funds are transferred to them rather than the customer.

We're glad you read to this point!

Every week, we publish an email newsletter highlighting all the juicy stories we covered in the crypto space, bringing all the major happenings to your doorstep.

So, if you want to have top stories delivered to your email inbox every week, subscribe to our newsletter!

Bitcoin ATM
Hacking
Security Breach
The trusted provider of rates and financial information
AI JobsPromptPalBecome a partnerContact usLegalPrivacySitemapCareersAbout
Get crypto smart in 5 minutes
Join readers from Coinbase, a16z, Binance, Uniswap, Sequoia and more for the latest staking rewards, tips, insights and news.
No spam, unsubscribe anytime. Read our Privacy Policy.
YOUR SUBSCRIPTION WAS SUCCESSFUL
Oops! Something went wrong while submitting the form.
© 2024 Bitcompare
A Blu.Ventures companyAdvertisePolicyTerms of UseSitemap

Bitcompare.net is a trading name of Tokentalk Ltd. Registered in England No. 11332964. Registered Office: Unit 3 Mitcham Industrial Estate, 85 Streatham Road, Mitcham, United Kingdom, CR4 2AP.

Advertiser disclosure: Bitcompare is a comparison engine that relies on advertising for funding. The business opportunities that can be found on this site are offered by companies with which Bitcompare has made deals. This relationship may affect the way and where products appear on the site, such as in what order they are listed in categories. Information about products may also be placed based on other factors, such as the ranking algorithms on our website. Bitcompare does not look at or list all companies or products on the market.

Editorial disclosure: The editorial content on Bitcompare is not provided by any of the companies mentioned, and has not been reviewed, approved, or otherwise endorsed by any of these entities. The opinions expressed here are the author’s alone. Additionally, the opinions expressed by the commenters do not necessarily reflect those of Bitcompare or its staff. When you leave a comment on this site, it will not show up until a Bitcompare administrator approves it.

Warning: The price of digital assets can be volatile. The value of your investment can go down or up, and you may not get back the amount invested. You are the only one who is responsible for the money you invest, and Bitcompare is not responsible for any losses you might have. Any APR shown is a rough estimate of how much cryptocurrency you will earn in rewards over the time period you choose. It does not display the actual or predicted returns or yields in any fiat currency. The APR is adjusted daily, and the estimated rewards may differ from the actual rewards generated. The information on this page is not meant to be a sign from Bitcompare that the information is correct or reliable. Before making any investment, you should carefully consider your investment experience, financial situation, investment objectives, and risk tolerance, and consult with an independent financial advisor. Links to third-party sites are not under the control of Bitcompare, and we are not responsible for the reliability or accuracy of such sites or their contents. For more information, see the Terms of Service for Bitcompare and our Risk Warning.

BestReviewsLearn
Bitcoin
August 22, 2022

Bitcoin ATM Company Under Attack By Hackers Leveraging The Zero-Day Bug

HomeBitcoin
Blog Post
Contents

General Bytes released a statement, saying, “The attacker was able to create an admin user remotely via CAS administrative interface via a URL call on the page used for the default installation on the server and creating the first administration user. This vulnerability has been present in CAS software since version 20201208.”

The world’s largest Bitcoin ATM manufacturer, General Bytes, reported a security breach on August 18th. The hackers were able to compromise the company’s servers, redirecting crypto assets to their wallets.

They took advantage of the zero-day vulnerability in the company’s Crypto Application Server (CAS). General Bytes’ CAS manages the ATM operations, cryptocurrency purchases, and sales carried out on exchanges. Hence, the hackers created an admin user account through the CAS, making it vulnerable.

The company believes the hackers scanned for exposed servers on TCP ports 7777 or 443, including servers hosted on General Bytes’ cloud service. From there, the hackers could add themselves as default admins on the CAS named GB.

They then further modified the buy and sell settings so that they could transfer any crypto received by the Bitcoin ATM. 

In General Bytes' words;

“The attacker was able to create an admin user remotely via CAS administrative interface via a URL call on the page used for the default installation on the server and creating the first administration user. This vulnerability has been present in CAS software since version 20201208.”

Currently, the stolen amount and the number of compromised ATMs are unknown as General Bytes has yet to disclose the information.

General Bytes, which owns about 8,827 Bitcoin ATMs accessible in over 120 countries, has urged its customers to refrain from using their General Bytes ATM servers until it has updated the servers to patch releases 20220725.22 and 20220531.38 for customers running on 20220531.

Users are also advised to modify their server firewall settings so that no unauthorized IP addresses can access the CAS admin interface. Also, they should review their “SELL Crypto” settings before reactivating the terminals. This is to ensure that the hackers did not modify the settings such that the funds are transferred to them rather than the customer.

We're glad you read to this point!

Every week, we publish an email newsletter highlighting all the juicy stories we covered in the crypto space, bringing all the major happenings to your doorstep.

So, if you want to have top stories delivered to your email inbox every week, subscribe to our newsletter!

Bitcoin ATM
Hacking
Security Breach
Chiagoziem Bede Ikwueze

Chiagoziem has gathered a wealth of experience, having worked for many prominent crypto-based businesses, including Revain, Whiteboard Crypto, DeRev, The Crypto Cartel, Crypto News, MoneySwitch, Full Value Dan, and Bitcompare. Over the past couple of years, his works have been featured in many publications and places. When he is not writing, he spends time working on his other digital businesses, playing video games, reading books, watching movies, and most importantly, enjoying quality time with loved ones.

in

General Bytes released a statement, saying, “The attacker was able to create an admin user remotely via CAS administrative interface via a URL call on the page used for the default installation on the server and creating the first administration user. This vulnerability has been present in CAS software since version 20201208.”

The world’s largest Bitcoin ATM manufacturer, General Bytes, reported a security breach on August 18th. The hackers were able to compromise the company’s servers, redirecting crypto assets to their wallets.

They took advantage of the zero-day vulnerability in the company’s Crypto Application Server (CAS). General Bytes’ CAS manages the ATM operations, cryptocurrency purchases, and sales carried out on exchanges. Hence, the hackers created an admin user account through the CAS, making it vulnerable.

The company believes the hackers scanned for exposed servers on TCP ports 7777 or 443, including servers hosted on General Bytes’ cloud service. From there, the hackers could add themselves as default admins on the CAS named GB.

They then further modified the buy and sell settings so that they could transfer any crypto received by the Bitcoin ATM. 

In General Bytes' words;

“The attacker was able to create an admin user remotely via CAS administrative interface via a URL call on the page used for the default installation on the server and creating the first administration user. This vulnerability has been present in CAS software since version 20201208.”

Currently, the stolen amount and the number of compromised ATMs are unknown as General Bytes has yet to disclose the information.

General Bytes, which owns about 8,827 Bitcoin ATMs accessible in over 120 countries, has urged its customers to refrain from using their General Bytes ATM servers until it has updated the servers to patch releases 20220725.22 and 20220531.38 for customers running on 20220531.

Users are also advised to modify their server firewall settings so that no unauthorized IP addresses can access the CAS admin interface. Also, they should review their “SELL Crypto” settings before reactivating the terminals. This is to ensure that the hackers did not modify the settings such that the funds are transferred to them rather than the customer.

We're glad you read to this point!

Every week, we publish an email newsletter highlighting all the juicy stories we covered in the crypto space, bringing all the major happenings to your doorstep.

So, if you want to have top stories delivered to your email inbox every week, subscribe to our newsletter!

Written by
Chiagoziem Bede Ikwueze
Bitcoin ATM
Hacking
Security Breach

Acala Network Suffers Security Breach, Passes Vote To Halt Operations

DeFi
August 14, 2022
Acala, Polkadot’s decentralized finance network, had its protocols tampered with by hackers, causing it to pass an urgent vote to suspend operations until the issue is resolved.

Blockchain Investigator Claims Ronin Bridge Hackers Moved $625M To Bitcoin Network

Bitcoin
August 22, 2022
The perpetrators behind one of the largest crypto hacks allegedly used Tornado Cash as one of the several means to conceal the transactions and transfer the $625M worth of USDC and Ethereum tokens to the Bitcoin network.

Curve Finance Loses Over $520K After DNS Hijack

DeFi
August 9, 2022
The firm behind the CRV token, Curve Finance, became the latest victim of hacking when a DNS hijack compromised its front end.

Celer Network’s cBridge Frontend Hit By DNS Hijack

DeFi
August 18, 2022
Level 2 scaling protocol Celer Network is the latest target of crypto hacking as the platform reports seeing potential signs of a DNS hijack of its cBridge frontend.

5 Apps Every Serious Crypto Trader Needs on Their Phone

Crypto Trading
October 3, 2024
Cool apps that every crypto trader should have to ensure a more efficient and secure trading journey.

Bitcoin Price Stagnates Amid Mixed Market Signals

News
September 2, 2024
Bitcoin's price remains stagnant due to mixed market signals, including potential sell pressure from large BTC releases and uncertain demand ahead of the U.S. Federal Reserve meeting.

Shiba Inu Whale Trades $3.5 Million in SHIB for AI Token FET Amid Market Shifts

News
September 1, 2024
A Shiba Inu whale swapped $3.5 million worth of SHIB for the AI token FET, reflecting a strategic shift towards AI-focused assets amid declining memecoin value.

XRP Whale Activity Hits Four-Year Low: What Does It Mean for Traders?

News
September 1, 2024
XRP struggles at $0.585, but whale activity and stable network metrics suggest a long-term bullish outlook despite short-term volatility.

Bitcoin’s Decline Could Mean Gains for Solana: $187 Target in Sight

News
August 31, 2024
A potential decline in Bitcoin's dominance could trigger an altcoin rally, with Solana (SOL) potentially aiming for a $187 target.

Vitalik Buterin Refutes Claims of Selling Ether for Profit

News
August 31, 2024
Ethereum co-founder Vitalik Buterin denies selling Ether for personal profit, stating that his sales were to support various crypto projects and philanthropic efforts.

Third Negative Funding Rate Reading for BNB Since 2023 Raises Concerns

News
August 31, 2024
Binance's funding rates have turned negative for the third time since 2023, signaling potential bearish market sentiment and a decline in demand for Binance Coin (BNB) long positions amid increased selling pressure and external controversies.

Bitcoin's Next Move: Will It Break $67K or Remain Below $60K?

News
August 31, 2024
Bitcoin is trading near a critical support level around $59K, with mixed technical signals suggesting potential further declines or a rally toward $67K, amid a generally bullish on-chain outlook.

Ethereum Whale Sells 6,900 ETH – Is It Time to Worry?

News
August 31, 2024
An Ethereum whale has sold 6,900 ETH, valued at $17.87 million, amid a balanced market environment and continued decline in exchange reserves, raising questions about potential bearish trends.

Ethereum Signals Potential Price Reversal: Bullish Divergence Forms for the First Time in Two Years

News
August 30, 2024
Ethereum is showing signs of a potential price reversal with its first bullish divergence in over two years, supported by technical indicators and macroeconomic factors.

Bitcoin Slips Below $59,000 as Institutional Demand Declines; BlackRock's IBIT Records Second Outflow

News
August 30, 2024
Bitcoin fell below $59,000 amid waning demand and significant outflows from major ETFs, including BlackRock's IBIT, signaling cautious market sentiment and potential volatility ahead.

Aptos Network Partners with Nillion to Enhance Privacy for Decentralized Applications

News
August 29, 2024
Aptos is integrating privacy platform Nillion to enhance privacy-preserving applications on its blockchain, enabling secure handling of sensitive data for decentralized apps.
The trusted provider of rates and financial information
AI JobsPromptPalBecome a partnerContact usLegalPrivacySitemapCareersAbout
Get crypto smart in 5 minutes
Join readers from Coinbase, a16z, Binance, Uniswap, Sequoia and more for the latest staking rewards, tips, insights and news.
No spam, unsubscribe anytime. Read our Privacy Policy.
YOUR SUBSCRIPTION WAS SUCCESSFUL
Oops! Something went wrong while submitting the form.
© 2024 Bitcompare
A Blu.Ventures companyAdvertisePolicyTerms of UseSitemap

Bitcompare.net is a trading name of Tokentalk Ltd. Registered in England No. 11332964. Registered Office: Unit 3 Mitcham Industrial Estate, 85 Streatham Road, Mitcham, United Kingdom, CR4 2AP.

Advertiser disclosure: Bitcompare is a comparison engine that relies on advertising for funding. The business opportunities that can be found on this site are offered by companies with which Bitcompare has made deals. This relationship may affect the way and where products appear on the site, such as in what order they are listed in categories. Information about products may also be placed based on other factors, such as the ranking algorithms on our website. Bitcompare does not look at or list all companies or products on the market.

Editorial disclosure: The editorial content on Bitcompare is not provided by any of the companies mentioned, and has not been reviewed, approved, or otherwise endorsed by any of these entities. The opinions expressed here are the author’s alone. Additionally, the opinions expressed by the commenters do not necessarily reflect those of Bitcompare or its staff. When you leave a comment on this site, it will not show up until a Bitcompare administrator approves it.

Warning: The price of digital assets can be volatile. The value of your investment can go down or up, and you may not get back the amount invested. You are the only one who is responsible for the money you invest, and Bitcompare is not responsible for any losses you might have. Any APR shown is a rough estimate of how much cryptocurrency you will earn in rewards over the time period you choose. It does not display the actual or predicted returns or yields in any fiat currency. The APR is adjusted daily, and the estimated rewards may differ from the actual rewards generated. The information on this page is not meant to be a sign from Bitcompare that the information is correct or reliable. Before making any investment, you should carefully consider your investment experience, financial situation, investment objectives, and risk tolerance, and consult with an independent financial advisor. Links to third-party sites are not under the control of Bitcompare, and we are not responsible for the reliability or accuracy of such sites or their contents. For more information, see the Terms of Service for Bitcompare and our Risk Warning.