Unidentified hackers stole more than $1.6 million in cryptocurrency from General Bytes' Bitcoin ATMs over the St. Patrick's Day holiday.
In what the ATM owner described as a "highly serious security incident," threat actors were able to exploit a zero-day flaw by uploading "his own java application remotely via the master service interface used by terminals to upload videos and run it using batm user privileges," according to the General Bytes advisory.
After gaining access to the database, the attackers were able to "read and decrypt API keys used to access funds in hot wallets and exchanges, send funds from hot wallets, and download usernames, password hashes," as well as disable the two-factor authentication (2FA) feature.
This cryptocurrency-related hack is the second in less than a year, with the previous one occurring in August of last year.
Despite the fact that the company has stated that it has conducted multiple security audits since 2021, this was a vulnerability that was never discovered. General Bytes advises its terminal operator clients to keep their servers behind firewalls and VPNs and to assume that end-user passwords and API keys to exchanges and hot wallets are compromised and should be changed accordingly.
Please do not enter any spam link in the comment box.