A Leading Bitcoin ATM Provider Urges Immediate System Upgrades After Zero-Day Vulnerability Exploited by Hackers
A prominent provider of Bitcoin ATMs is advising its clients to upgrade their systems promptly following a recent incident where hackers took advantage of a zero-day vulnerability in the company’s software to steal funds.
Details of the Security Breach
General Bytes, the company behind the Bitcoin ATMs, disclosed that the vulnerability was discovered in the master service interface used by the ATMs to upload videos to the server. The attackers exploited this flaw to infiltrate the system and carry out malicious activities.
The attackers identified running CAS services on specific ports, including the General Bytes Cloud service and other operators hosting their servers on Digital Ocean. By uploading a Java application to the admin interface, the threat actors were able to access the database, decrypt API keys, send funds from hot wallets, and disable security measures like two-factor authentication.
Immediate Actions Required
General Bytes is recommending all ATM operators to patch their CAS software without delay. They should also assume that all CAS passwords and API keys have been compromised and reset passwords, generate new API keys, and invalidate the old ones to prevent further unauthorized access.
In response to the attack, General Bytes has decided to shut down its cloud service, emphasizing the importance of securing standalone servers behind firewalls and VPNs to prevent future breaches.
Preventive Measures and Future Plans
The company is advising ATM operators to install their own standalone servers and migrate data from the GB Cloud. They also suggest connecting terminals to CAS via VPN to enhance security against potential threats from the open internet.
Despite conducting multiple security audits, General Bytes admitted to missing the zero-day bug that led to the recent breach. As a result, they are emphasizing the importance of regularly updating and securing systems to protect against evolving cyber threats.
For more information on cryptocurrency ATMs and related regulations, you can refer to the FCA’s guidelines on the legality of crypto ATMs in the UK.