Hackers managed to empty millions of dollars in digital currencies from ATMs κρυπτονομισμάτων, εκμεταλλευόμενοι μια ευπάθεια zero-day. Η ληστεία είχε στόχο τα ΑΤΜ που πωλούνται από την General Bytes, μια εταιρεία με πολλά ΑΤΜ σε όλο τον κόσμο. Αυτά τα BATM, συντομογραφία για τα bitcoin ATM, μπορούν να τοποθετηθούν σε καταστήματα και άλλες businesses to allow bitcoin to be exchanged for other currencies and vice versa.
Clients connect BATMs to a crypto application server (CAS from crypto application server) that they can manage or, until now, that General Bytes can manage for customers.
Over the weekend, General Bytes he revealed that more than 1,5 millions dollars in bitcoins had been withdrawn from an ATM. To carry out the heist, the unknown attacker exploited an unknown vulnerability that allowed him to run a malicious Java application. He then took about 56 BTC, worth about $1,5 million. General Bytes patched the vulnerability 15 hours after learning about it, but due to the way cryptocurrencies work, the losses were unrecoverable.
The company is currently in the process of collecting data from its customers to validate all losses from the hack, conducting an internal investigation and working with authorities in an effort to identify the hacker. General Bytes said that it has performed "numerous security checks since 2021" and that none of them detected the exploited vulnerability. The company is now in the process of seeking further assistance to secure its BATMs.
