Hackers managed to empty millions of dollars in digital currencies from ATMs cryptocurrencies by exploiting a zero-day vulnerability. The robbery targeted ATMs sold by General Bytes, a company with many ATMs around the world. These BATMs, short for bitcoin ATMs, can be placed in stores and other businesses to allow bitcoins to be exchanged for other currencies and vice versa.
Clients connect BATMs to an application server encryption(CAS from the crypto application server) that they can manage or, until now, that General Bytes can manage for customers.
Over the weekend, General Bytes he revealed that more than $1,5 million in bitcoins had been withdrawn from an ATM. To carry out the heist, the unknown attacker exploited an unknown vulnerability that allowed him to run a malicious Java application. He then took about 56 BTC, worth about $1,5 million. General Bytes patched the vulnerability 15 hours after learning about it, but because of the way modeof cryptocurrencies, the losses were unrecoverable.
The company is currently in the process of collecting data from its customers to validate all losses from the hack, conducting an internal investigation and working with authorities in an effort to track down the hacker. General Bytes reported that it performed “too many controlsecurity from 2021” and that none of them detected the exploited vulnerability. The company is now in the process search further assistance for the security of its BATMs.