Security News > 2023 > March > General Bytes Bitcoin ATMs hacked using zero-day, $1.5M stolen

General Bytes Bitcoin ATMs hacked using zero-day, $1.5M stolen
2023-03-20 21:36

Leading Bitcoin ATM maker General Bytes disclosed that hackers stole cryptocurrency from the company and its customers using a zero-day vulnerability in its BATM management platform.

General Bytes makes Bitcoin ATMs allowing people to purchase or sell over 40 cryptocurrencies.

Customers can deploy their ATMs using standalone management servers or General Bytes cloud service.

"The attacker scanned the Digital Ocean cloud hosting IP address space and identified running CAS services on ports 7741, including the General Bytes Cloud service and other GB ATM operators running their servers on Digital Ocean," General Bytes explained in a security incident disclosure.

Researchers from the Kraken cryptocurrency exchange found multiple vulnerabilities in General Bytes' ATMs in 2021, which the company quickly fixed.

Even with these security audits, in August 2022, General Bytes had a security incident where hackers exploited a zero-day vulnerability in its ATM servers to steal cryptocurrency from its customers.


News URL

https://www.bleepingcomputer.com/news/security/general-bytes-bitcoin-atms-hacked-using-zero-day-15m-stolen/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Bitcoin 6 0 27 13 0 40