Hackers managed to empty millions of dollars in digital currencies from ATMs cryptocurrencies by exploiting a zero-day vulnerability. The robbery targeted ATMs sold by General Bytes, a company with many ATMs around the world. These BATMs, short for bitcoin ATMs, can be placed in stores and other businesses to allow bitcoins to be exchanged for other currencies and vice versa.
Customers connect BATMs to a crypto application server (CAS from crypto application server) that they can manage or, until now, that General Bytes can manage for customers.
Over the weekend, General Bytes he revealed that more than $1,5 million in bitcoins had been withdrawn from an ATM. To carry out the heist, the unknown attacker exploited an unknown vulnerability that allowed him to run a malicious Java application. He then took about 56 BTC, worth about $1,5 million. General Bytes patched the vulnerability 15 hours after learning about it, but due to the way cryptocurrencies work, the losses were unrecoverable.
The company is currently located in procedure collectionς δεδομένων από τους πελάτες της για την επικύρωση όλων των απωλειών από το hack, διενεργεί εσωτερική έρευνα και συνεργάζεται με τις αρχές σε μια προσπάθεια να εντοπίσει τον hacker. Η General Bytes ανέφερε ότι πραγματοποίησε “πάρα πολλούς ελέγχους ασφαλείας από το 2021” και ότι κανένας από αυτούς δεν εντόπισε την ευπάθεια που έγινε αντικείμενο εκμετάλλευσης. Η εταιρεία βρίσκεται τώρα στη διαδικασία search further assistance for the security of its BATMs.