Software used in cryptocurrency ATMs General Bytes hacked and scammers allowed stealing funds from customers using affected machines. The invasion was confirmed by the Czech Republic-based company last Thursday (18).
According to the company, which operates more than 8,000 boxes in 120 countries, cybercriminals exploited a zero-day vulnerability in the Crypto Application Server (CAS) system to become the default administrator. From there, they were able to change their settings. digital currency trading equipment.
By exploiting the bug, the attackers redirected all transactions made at the affected cashiers to a crypto wallet where they control. In this way, any transaction passing through the machines was redirected to the address of the wallet managed by the hackers.
not disclosed so far, amount of stolen cryptocurrency Number of boxes compromised or during the malicious campaign. System users can buy and sell more than 40 digital currencies on branded equipment. bitcoins and other extremely popular cryptocurrencies.
Boxes must be updated before use
To fix the issue, General Bytes has released a patch for the vulnerability that was exploited by attackers. cyber attack. In addition to updating the system, operators should also perform other security steps such as changing the server’s firewall settings, reviewing the registered user list and encryption strategies.
Also necessary reset user passwords and follow other instructions found on the manufacturer’s website. The company advised administrators to suspend the use of bitcoin and other cryptocurrency ATMs until the patch installation and entire reconfiguration process is complete.
Source: Tec Mundo
