0day vulnerability exploited in General Bytes
General Bytes, a global provider of Bitcoin ATMs, has been the victim of a cyber-attack that exploited a 0day vulnerability in the administrative interface of its CAS (Crypto Application Server).
According to the company's statement, the attacker created an admin user remotely, via the CAS administrative interface, by calling the URL of the page used for the default installation on the server.
In this way, the attacker changed the buy and sell settings so that any cryptocurrency traded at these ATMs would be sent to the attacker's wallet. After learning of the attack, General Bytes fixed the vulnerability in versions 20220531.38 and 20220725.22.
References:
- 19/08/2022 generalbytes.atlassian.net Security Incident August 18th 2022
- 22/08/2022 diariobitcoin.com General Bytes, segundo fabricante más grande de cajeros ATM Bitcoin, sufre hackeo
- 22/08/2022 cointelegraph.com Hackers exploit zero-day bug to steal from General Bytes Bitcoin ATMs
- 22/08/2022 es.gizmodo.com General Bytes, el segundo fabricante de cajeros Bitcoin del mundo, sufre un hackeo masivo
- 22/08/2022 businessinsider.es 'Hackean' el mayor proveedor mundial de cajeros automáticos de bitcoin para robar criptomonedas
- 24/08/2022 unaaldia.hispasec.com Hackean con un 0-day cajeros automáticos de General Bytes