By
Svetlana Soroka
April 24th, 2024
Following the attack, General Bytes deactivated the ATMs and asked all users to reset passwords, modify and upgrade their servers and firewalls, as well as review access permissions before using its terminals again.
A group of anonymous hackers have targeted General Bytes Bitcoin (BTC) ATMs using their ‘zero day’ vulnerability to steal the crypto deposited by users. It is not yet clear how much was stolen and how many ATMs were compromised. But the company has urgently advised ATM operators to update their software.
Hackers Attacked General Bytes ATMs
How did the attack occur? General Bytes is currently one of the largest cryptocurrency ATM manufacturers with over 9,000 crypto ATMs installed throughout the world. Based on the product, it allows people to buy, trade, or deposit over 40 different cryptocurrencies. General Bytes Bitcoin ATMs are two-way machines (crypto-to-cash and cash-to-crypto). The hackers identified a security vulnerability in the interface of the remote Crypto Application Server (CAS) that controls General Bytes ATMs. Next, they modfied the settings, creating a new default admin user, organization, and terminal and renaming the default admin user to ‘gb’. As a result, the “invalid payment address” settings made the users forward funds to the attacker’s wallet when sending cryptocurrency to an ATM.
The company’s announcement reads:
“The attacker was able to create an admin user remotely via CAS administrative interface via a URL call on the page that is used for the default installation on the server and creating the first administration user. This vulnerability has been present in CAS software since version 20201208.”
Following the attack, General Bytes deactivated the ATMs and asked all users to reset passwords, modify and upgrade their servers and firewalls, as well as review access permissions before using its terminals again. Besides, the company released a list of other steps to do before putting their devices back into service.
Billions Lost in Crypto Hack Attacks
With the growth of crypto industry, the number of attacks targeting blockchain networks has increased as well. Only this year so fas, as much as $1.9 billion worth of cryptocurrency was stolen in hacks of various services, which is 60% more in comparison to last year. Notably, some of the biggest hacks were targeting DeFi protocols. The prevailing victim of these attacks was the Ethereum (ETH) ecosystem that lost more than $1 billion in 32 hacking attacks. The prime example is the $625 million hack of Axie Infinity’s Ronin network that took place in March this year.
Another example is Solana (SOL) network that suffered a loss of $383.9 million in only five incidents. The biggest of the attacks happened through the exploit of the decentralized finance (DeFi) platform Wormhole. More than 8,000 wallets were compromised.