A Bitcoin ATM Company Falls Victim to a Zero-Day Exploit
A Bitcoin ATM company recently experienced a security breach due to a zero-day exploit, resulting in the theft of an undisclosed amount of digital currency. General Bytes, a leading cryptocurrency ATM manufacturer, issued a “highest” severity alert after discovering a critical vulnerability in its Crypto Application Server (CAS) that was exploited by hackers.
The Zero-Day Vulnerability
The exploit allowed the attackers to remotely create an admin user via the CAS administrative interface by making a URL call to the default installation page. This flaw has been present in the CAS software since version 20201208, leaving the company’s systems vulnerable to unauthorized access.
After creating a new admin user, the hackers were able to manipulate the crypto settings of two-way ATMs, causing them to redirect coins to the attackers’ wallet when customers made transactions.
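The two changes described above (an unexpected admin account and altered wallet settings on two-way ATMs) can both be caught by comparing the server's current state against a known-good baseline. The following is an added example, not code from General Bytes or from the original article; the snapshot format, account names, terminal IDs and wallet strings are hypothetical and constructed for illustration.

```python
"""Baseline audit for a new admin account and altered wallet settings.
The snapshot format is hypothetical; it is not the CAS schema."""

def audit(baseline, current):
    findings = []
    # 1. Admin accounts that did not exist when the baseline was taken.
    for name in sorted(set(current["admins"]) - set(baseline["admins"])):
        findings.append(("unexpected_admin", name, "high"))
    # 2. Wallet settings, per terminal and per coin.
    for tid, term in sorted(current["terminals"].items()):
        known = baseline["terminals"].get(tid)
        if known is None:
            findings.append(("unknown_terminal", tid, "medium"))
            continue
        # The article's redirection affected two-way ATMs, so a changed
        # address on a two-way terminal is rated higher.
        sev = "high" if term.get("two_way") else "medium"
        for coin, addr in sorted(term["wallets"].items()):
            expected = known["wallets"].get(coin)
            if expected is None:
                findings.append(("wallet_added", f"{tid}/{coin}", sev))
            elif addr.strip() != expected.strip():
                # Addresses are compared case-sensitively on purpose.
                findings.append(("wallet_changed", f"{tid}/{coin}", sev))
    return findings

# Constructed sample data (placeholders, not real accounts or addresses).
BASELINE = {
    "admins": ["ops-alice", "ops-bob"],
    "terminals": {
        "T-001": {"two_way": True, "wallets": {"BTC": "EXAMPLE-WALLET-A"}},
        "T-002": {"two_way": False, "wallets": {"BTC": "EXAMPLE-WALLET-B"}},
    },
}
CURRENT = {
    "admins": ["ops-alice", "ops-bob", "svc-new"],
    "terminals": {
        "T-001": {"two_way": True, "wallets": {"BTC": "EXAMPLE-WALLET-X"}},
        "T-002": {"two_way": False, "wallets": {"BTC": "EXAMPLE-WALLET-B"}},
        "T-003": {"two_way": True, "wallets": {"BTC": "EXAMPLE-WALLET-C"}},
    },
}

if __name__ == "__main__":
    for kind, subject, severity in audit(BASELINE, CURRENT):
        print(f"[{severity}] {kind}: {subject}")
```

The baseline only has value if it is stored somewhere the application server cannot write to, since an attacker with admin access could otherwise update it along with the settings.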
Response and Remediation
General Bytes promptly patched the CAS server with two updates and advised all clients to suspend ATM operations until they had completed the necessary remediation steps. Although the attackers did not access sensitive information like passwords or private keys, the extent of the financial loss is still unknown.
Interestingly, the security flaw went undetected in multiple security audits conducted by the company since 2020, raising concerns about the effectiveness of its cybersecurity measures.
Unknown Attackers and Regulatory Issues
It remains unclear who the perpetrators behind the attack are, but the incident occurred shortly after General Bytes introduced a “Help Ukraine” feature on its ATMs. Additionally, earlier this year, the UK’s financial regulator declared crypto ATMs operating in the country illegal, highlighting the regulatory challenges faced by the cryptocurrency industry.
Overall, the security breach serves as a stark reminder of the ongoing threats faced by companies operating in the cryptocurrency space and the importance of robust cybersecurity practices to safeguard digital assets.