Bitcoin ATM Manufacturer Suffers Attack
General Bytes, a manufacturer of Bitcoin ATMs, disclosed a security incident that resulted in the theft of millions of dollars’ worth of funds. Attackers were able to steal cryptocurrency from the company and its customers using a Zero Day in its BATM management platform.
In terms of the March 17-18 incident, here is what General Bytes said what happened:
The attacker identified a security vulnerability in the master service interface used by Bitcoin ATMs to upload videos to server.
The attacker scanned the Digital Ocean cloud hosting IP address space and identified running Crypto Application Server (CAS) services on ports 7741, including the General Bytes Cloud service and other GB ATM operators running their servers on Digital Ocean (our recommended cloud hosting provider).
Using this security vulnerability, attacker uploaded his own application directly to application server used by admin interface. Application server was by default configured to start applications in its deployment folder.
March 17, 2023
It is believed the attack resulted in at least 56 Bitcoin (BTC) worth over $1.5 million and 21.82 Ether (ETH) worth $37,000 being sent to wallets associated with the hacker.