Bitcoin ATM manufacturer General Bytes has revealed that it was targeted by cybercriminals who used a zero-day security flaw to hack its hot wallets and steal cryptocurrency. The attackers remotely uploaded a malicious Java application through the master service interface that terminals use to upload videos, and ran it with “batm” user privileges. By exploiting the flaw, the hackers accessed the database, read and decrypted API keys, sent funds from wallets, downloaded usernames and password hashes, and turned off two-factor authentication (2FA). General Bytes advised customers to rotate all users’ passwords and API keys to exchanges and hot wallets and to keep crypto application servers behind a firewall and a VPN. The exact amount of funds stolen was not disclosed, but analysis revealed the theft of BTC 56.283 ($1.5 million), ETH 21.823 ($36,500), and LTC 1,219.183 ($96,500). This marks the second hack targeting General Bytes in less than a year, after another zero-day flaw in its ATM servers was exploited in August 2022.
Source: The Hacker News
To mitigate potential threats, it is important to implement additional cybersecurity measures with the help of a trusted partner like INFRA (www.infrascan.net), or you can try it yourself using check.website.