Security News > 2022 > August > Hackers steal crypto from Bitcoin ATMs by exploiting zero-day bug
Hackers have exploited a zero-day vulnerability in General Bytes Bitcoin ATM servers to steal cryptocurrency from customers.
General Bytes is the manufacturer of Bitcoin ATMs that, depending on the product, allow people to purchase or sell over 40 different cryptocurrencies.
The Bitcoin ATMs are controlled by a remote Crypto Application Server, which manages the ATM's operation, what cryptocurrencies are supported, and executes the purchases and sales of cryptocurrency on exchanges.
Yesterday, BleepingComputer was contacted by a General Bytes customer who told us that hackers were stealing bitcoin from their ATMs. According to a General Bytes security advisory published on August 18th, the attacks were conducted using a zero-day vulnerability in the company's Crypto Application Server.
Once the threat actos modified these settings, any cryptocurrency received by CAS was forwarded to the hackers instead. "Two-way ATMs started to forward coins to the attacker's wallet when customers sent coins to ATM," explains the security advisory.
General Bytes is warning customers not to operate their Bitcoin ATMs until they have applied two server patch releases, 20220531.
News URL
Related news
- North Korean Hackers Pull Off $308M Bitcoin Heist from Crypto Firm DMM Bitcoin (source)
- Radiant links $50 million crypto heist to North Korean hackers (source)
- U.S. Charges Chinese Hacker for Exploiting Zero-Day in 81,000 Sophos Firewalls (source)
- Bitcoin ATM firm Byte Federal hacked via GitLab flaw, 58K users exposed (source)
- North Korean hackers stole $1.3 billion worth of crypto this year (source)
- FBI links North Korean hackers to $308 million crypto heist (source)
- Brazilian Hacker Charged for Extorting $3.2M in Bitcoin After Breaching 300,000 Accounts (source)
- Hackers Exploit Aviatrix Controller Vulnerability to Deploy Backdoors and Crypto Miners (source)