General Bytes, the Bitcoin ATM maker, has recently announced that unidentified cybercriminals could make off with crypto assets by exploiting a zero-day security flaw in its software. In a statement, General Bytes shares, "the attacker was able to upload his java application remotely via the master service interface used by terminals to upload videos and run it using 'batm' user privileges."
The firm also illustrated that "the attacker scanned the Digital Ocean cloud hosting IP address space and identified running CAS services on ports 7741, including the General Bytes Cloud service and other GB ATM operators running their servers on Digital Ocean."
A spokesperson from General Byte stated that the server to which the malicious Java app was uploaded was, by default, configured to start up applications present in the deployment folder ("/batm/app/admin/standalone/deployments/").
As a result, this permitted the cybercriminals to directly access the database to read and decrypt all API keys, giving them full access to all available funds in hot wallets and exchanges. Overall, the hackers were able to make off with 56.283 BTC ($1.5 million), 21.823 ETH ($36,500), and 1,219.183 LTC ($96,500).
Hungry for more? Join me each week, where I'll break down complex topics and dissect the latest news within the cybersecurity industry and blockchain ecosystem, simplifying the tech world.
Comments