Zero-Day Bug in Bitcoin ATMs Let Hackers Steal Customers' Cryptos

A zero-day vulnerability in Bitcoin ATMs made by General Bytes is letting hackers siphon off customers' cryptocurrencies whenever a transaction is made through them.

While it is unknown how many Bitcoin ATMs have been affected or how much cryptocurrency has been stolen so far, General Bytes has advised customers not to make transactions until further notice while it works on a patch.

Stealing Cryptos Through a Zero-Day Bug

For the unaware, Bitcoin ATMs, or more broadly cryptocurrency ATMs, are simple vending machines that let you buy or sell cryptocurrencies for fiat money. General Bytes has a fair share of this market, with its machines available in a number of places and letting people transact in tens of different cryptocurrencies.

But all of these are affected by a zero-day vulnerability that is now letting hackers steal customers' cryptocurrencies whenever they make a transaction. General Bytes warned about this in a security advisory this week, pointing to its Crypto Application Server (CAS) as the source of the issue.

General Bytes uses the CAS to manage all of an ATM's operations, such as buying and selling cryptocurrencies and settling them on the connected cryptocurrency exchanges. A bug in it lets hackers create a backdoor admin account, which they can then use to alter the buy/sell operations of the Bitcoin ATMs.

“The attacker was able to create an admin user remotely via CAS administrative interface via a URL call on the page that is used for the default installation on the server and creating the first administration user.”
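The flaw class the advisory describes is a first-run installation page that still creates an administrator after setup has already completed. As an added illustration (a hypothetical Python handler, not General Bytes' code; `AppState`, `setup_token` and the function names are made up), here is that vulnerable page beside a hardened version that refuses once any admin exists and additionally requires a one-time setup token:

```python
# Hypothetical first-run setup handler illustrating the bug class in the advisory.
# Not General Bytes' code; AppState, setup_token and the function names are made up.
import hashlib
import secrets
from dataclasses import dataclass, field
from typing import Dict, Optional

@dataclass
class AppState:
    # username -> (salt, pbkdf2 hash); an empty dict means installation is not finished
    admins: Dict[str, tuple] = field(default_factory=dict)
    # one-time token shown only on the server console at first start (constructed in tests)
    setup_token: Optional[str] = None

def _hash_password(password: str) -> tuple:
    salt = secrets.token_bytes(16)
    return salt, hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)

def vulnerable_setup(state: AppState, username: str, password: str) -> bool:
    """First-run page as described: creates an admin on every call because it never
    checks that installation already completed. Anyone who can reach the URL gets
    an admin account, which is exactly the backdoor the advisory describes."""
    state.admins[username] = _hash_password(password)
    return True

def hardened_setup(state: AppState, username: str, password: str, token: str) -> bool:
    """Same page, hardened: refuse once any admin exists, and require the one-time
    setup token so the page is useless to an unauthenticated caller even on a fresh install."""
    if state.admins:
        return False  # installation already completed; the page must be dead
    if state.setup_token is None or not secrets.compare_digest(token, state.setup_token):
        return False  # no token issued, or wrong token supplied
    state.admins[username] = _hash_password(password)
    state.setup_token = None  # single use: a second call can never succeed
    return True

if __name__ == "__main__":
    installed = AppState(admins={"operator": _hash_password("correct horse")})
    print("vulnerable page adds backdoor:", vulnerable_setup(installed, "backdoor", "x"))
    print("hardened page refuses:", hardened_setup(installed, "backdoor", "x", "anything"))
```

The check that matters for detection is the first one: an already-installed server should log and reject any request to its setup page, and an admin account appearing after installation is a signal worth alerting on.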

General Bytes assumes that hackers are scanning the internet for exposed servers listening on TCP ports 7777 or 443, the main paths for accessing the CAS. Once in, they are able to replace the destination cryptocurrency wallet address of customers with one of their own and receive the funds intended for the customer.

This bug is present in all Bitcoin ATMs running CAS software since version 20201208. General Bytes has therefore warned customers not to make any transactions until it releases the patches 20220531.38 and 20220725.22 for their servers.

