🚨 Time is Running Out: Reserve Your Spot in the Lucky Draw & Claim Rewards! START NOW

General Bytes Suspends Cloud Services After it Detected "Security Vulnerability"

General Bytes Suspends Cloud Services After it Detected "Security Vulnerability"

Security breach forces major Bitcoin ATM manufacturer to shut down its cloud services.

On March 18th, General Bytes’ shared a statement revealing that hackers managed to exploit a security vulnerability that allowed them to remotely access sensitive information about users’ hot wallets, including private keys and passwords.

The statement explained that the attacker remotely uploaded their Java applications through the master service interface and used batm user privileges to run it.

How to Avoid Crypto Taxes? (Legal Ways Explained)

Did you know?

Want to get smarter & wealthier with crypto?

Subscribe - We publish new crypto explainer videos every week!

According to the announcement, during the attack, malicious actors managed:

To access the database, to read and decrypt API keys used to access funds in hot wallets and exchanges, to access terminal event logs and scan for any instance where customers scanned private key at the ATM, send funds from hot wallets, download user names, their password hashes, and turn off 2FA.

The attacker reportedly used 41 addresses to execute the attack. The company also acknowledged that the attacker managed to transfer funds from the targeted hot wallets. However, it did not disclose the total amount of stolen funds.

General Bytes identified that the attack exploited a vulnerability that has existed in the company’s product since version 20210401. This vulnerability went undiscovered despite “multiple security audits since 2021.”

Regarding the matter, the Bitcoin ATM manufacturer promised to conduct multiple independent security audits to help identify any vulnerabilities in its products.

General Bytes has reacted to the incident by shutting down its services and urged Bitcoin ATM operators to install two patch releases that fix the vulnerability.

It is theoretically (and practically) impossible to secure a system granting access to multiple operators at the same time where some of them are bad actors.

The company’s servers experienced a zero-day attack in August 2022, where hackers penetrated the system and seized the administrator privileges that enabled them to transfer funds.

General Bytes is the largest Bitcoin ATM Manufacturer based in Prague, Czech Republic. It has sold over 15,000 Bitcoin ATMs to clients in more than 149 countries globally.

Gile K. , Market Sentiment Analyst
Gile is a Market Sentiment Analyst who understands what public events may form what emotions. Her experience researching Web3 news and public market messages – including cryptocurrency news reports, PRs, and social network streams – is critical to her role in helping lead the Crypto News Editorial Team.
As an intelligent professional in public relations, together with the team, she aims to determine real VS fake news patterns, and bring her findings to anyone searching for unbiased news and events happening in the FinTech markets. Her expertise is uncovering the latest trustworthy & informative Web3 announcements to the masses.
When she's not researching the trustworthiness of mainstream stories, she spends time enjoying her terrace view and taking meticulous care of her outdoor environment.

Loading...
binance
×
Verified

$600 WELCOME BONUS

Earn Huge Exclusive Binance Learners Rewards
5.0 Rating