On Thursday, hackers used a zero-day exploit to gain access to the servers of Bitcoin ATM maker General Bytes, making themselves the default administrators and reconfiguring the system so that all payments were sent to their own wallet address.
The corporation has urged ATM operators to update their software immediately but has not yet revealed the amount of money taken or the number of ATMs affected.
On Thursday, General Bytes announced the breach on its network of 8827 Bitcoin ATMs, which are available in more than 120 countries. The ATMs are produced in Prague, Czech Republic, where the company is also headquartered. On average, more than 40 different coins can be purchased or sold at an ATM.
Sell Crypto Settings
The flaw was introduced by hacker alterations to Thursday’s CAS software release, version 20201208. Customers running versions of the General Bytes ATM server software prior to 20220725 or 20220531 are strongly advised to upgrade to patch release 20220725.22 immediately.
The CAS admin interface should be accessible only from trusted IP addresses, so customers have been urged to adjust their server firewall settings accordingly.
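The firewall restriction described above can be backed by a second check at the application or reverse-proxy layer, and the same allowlist can be replayed over access logs to spot admin requests that slipped through. The following is an added example written for this page; it is not General Bytes' code, and the `/admin` path prefix, the trusted networks and the log lines are all constructed assumptions.

```python
import ipaddress

# Constructed allowlist of networks from which CAS admin access is permitted.
# These are documentation ranges, not values from the General Bytes advisory.
TRUSTED_NETWORKS = [
    ipaddress.ip_network("10.20.0.0/24"),     # assumed operator management LAN
    ipaddress.ip_network("203.0.113.7/32"),   # assumed operator office egress IP
    ipaddress.ip_network("2001:db8:1::/48"),  # assumed IPv6 management range
]

# Assumed URL prefix of the admin interface (hypothetical, not the real CAS path).
ADMIN_PREFIX = "/admin"


def is_trusted_source(ip_text, networks=TRUSTED_NETWORKS):
    """Return True only if ip_text parses as an IP and lies inside an allowlisted network.
    Unparseable input (garbage, spoofed header values) is rejected rather than raising."""
    try:
        addr = ipaddress.ip_address(ip_text.strip())
    except ValueError:
        return False
    # 'in' returns False for mismatched IP versions, so IPv4 never matches an IPv6 net.
    return any(addr in net for net in networks)


def admin_request_allowed(peer_ip, path, networks=TRUSTED_NETWORKS):
    """Decide whether a request may reach the admin interface.
    peer_ip must be the TCP peer address: X-Forwarded-For is client-controlled
    unless a trusted reverse proxy overwrites it, so it is not consulted here."""
    if not path.startswith(ADMIN_PREFIX):
        return True  # public endpoints are not subject to the allowlist
    return is_trusted_source(peer_ip, networks)


def audit_access_log(lines, networks=TRUSTED_NETWORKS):
    """Replay the allowlist over access-log lines of the form '<peer_ip> <method> <path>'
    and return (ip, path) for every admin request from outside the trusted networks."""
    hits = []
    for line in lines:
        parts = line.split()
        if len(parts) != 3:
            continue  # skip malformed lines instead of crashing the audit
        ip, _method, path = parts
        if path.startswith(ADMIN_PREFIX) and not is_trusted_source(ip, networks):
            hits.append((ip, path))
    return hits


# Constructed sample log: two entries should be flagged, one of them an unparseable address.
SAMPLE_LOG = [
    "10.20.0.15 GET /admin/login",
    "198.51.100.42 POST /admin/settings/sell-crypto",
    "198.51.100.42 GET /api/v1/prices",
    "2001:db8:1::10 GET /admin/users",
    "not-an-ip GET /admin/login",
]

if __name__ == "__main__":
    for ip, path in audit_access_log(SAMPLE_LOG):
        print(f"ALERT: admin request from untrusted source {ip} -> {path}")
```

The application-layer check is a complement to the firewall rule, not a replacement: if the firewall is misconfigured or the interface is ever exposed through a proxy, the second check still refuses admin traffic from unknown sources, and the log audit gives operators a way to confirm after the fact that no such traffic was served.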
General Bytes prompted customers to check their “SELL Crypto Setting” before the terminals were turned back on, to make sure the hackers had not redirected incoming payments to themselves instead of to the customers.
General Bytes said that since its founding in 2020, many security assessments had been done, but none had found this flaw. The security advisory team for General Bytes revealed in a blog post that the thieves broke into the firm’s Crypto Application Server (CAS) by exploiting a zero-day vulnerability.
Every aspect of the ATM’s functioning, such as which coins are accepted and how they are bought and sold on exchanges, is handled by the CAS server.