The security of the Blockchain ecosystem is again affected due to the large number of hacks that continue to be conducted, this time General Byte ATMs are the victims.
Hackers don’t stop. This time the victim was the General Bytes ATMs, from which about 40 BTC were stolen due to the existence of the Zero-Day vulnerability, which was not detected in the most recent audits carried out on the system, the technicians of the company claim.
To date, cryptocurrency thefts in different parts of the world exceed 2,000 million euros, an increase of almost 700,000,000 compared to the same period in 2021. The methods used are diverse, but hackers are always ready to detect any failure or vulnerability that exists in the networks to take control and steal everything they can.
Over 40BTC Stolen Due to General Byte Zero-Day Vulnerability
One of the companies that manufactures ATMs for Bitcoin is General Byte, who also provide everything related to the world of Blockchain. They are the second manufacturer worldwide with 8,832, just behind Genesis Coin, which has already distributed 15,000 in different countries. The company, which has its origins in the Czech Republic, also allows you to sell or acquire 40 types of cryptocurrencies.
This time, the servers were compromised in an attack on August 18 when the Zero-Day vulnerability was detected, giving criminals the opportunity to take on administrator roles, modify system settings, and transfer available funds. to a virtual wallet address, they entered at the time. It has not yet been specified how much the stolen amount is nor the number of ATMs involved.
Through the company’s blog, some details of how the operation took place were specified. They think the hackers searched for TCP ports 7777 or 443 to detect a gateway. Cloud servers were also involved in this scan, as well as physical equipment.
After they took over, they changed the default administrator and changed the transaction format, so any cryptocurrency in or out went to the address entered.
Vulnerability Unknown for General Byte despite Multiple Security Audits
The company said in the statement that they have carried out several security audits in the last two years and that none of them managed to detect this vulnerability that allowed hackers to steal money in Bitcoin from several of its users. They also explain that the attack came after they announced a campaign to help refugees from Ukraine.
At the moment, they are working on updating patches 20220725.22, and 20220531.38, which will allow their customers to seamlessly access resources and perform transfers without any inconvenience. Meanwhile, his blog reads a series of steps that must be taken on the devices before making any new transaction.
Some experts suggest that the attack could have been thwarted if the servers had been protected by a firewall, which would only allow connections to be made from safe addresses. Apparently, there are still several systems that are unprotected, which could give rise to new attacks by hackers.
Basic personal protection measures include keeping your computer up to date, using a secure browser, protecting email with good passwords, and having a data recovery plan in case important information is hijacked.
By Audy Castaneda
