Key Points:
Customers were urged to take quick steps to secure their personal information, according to a statement issued by the firm.
The attacker discovered a security flaw in the master service interface, which Bitcoin ATMs utilize to upload videos to the server. This is manifested in the capacity to read and decode API keys used to get access to money in hot wallets and exchanges.
The attacker examined the Digital Ocean cloud hosting IP address space and discovered CAS services operating on port 7741, including the General Bytes Cloud service and other GB ATM operators with servers hosted by Digital Ocean, the company’s cloud hosting provider.
Utilizing this security flaw, the attacker immediately uploaded his own program to the application server utilized by the admin interface. By default, the application server was set to run apps in its deployment folder.
The attacker may also get access to the database, obtain user names and password hashes, and disable 2FA. This disables security measures that might jeopardize user accounts.
According to the notification, users should consider all of their CAS passwords, API keys to exchanges, and hot wallets to have been stolen and disclosed. It is critical to produce new API keys, invalidate existing ones, and update all user passwords.
GENERAL BYTES is also shutting down its Cloud service to prevent further data breaches. There have been no claims of harm at this time, although the firm has disclosed wallet addresses that have been compromised.
Previously, GENERAL BYTES was subjected to another incident in which hackers used a zero-day vulnerability to redirect cash into their own accounts using General Bytes Bitcoin ATM servers.
DISCLAIMER: The Information on this website is provided as general market commentary and does not constitute investment advice. We encourage you to do your own research before investing.
Join us to keep track of news: https://linktr.ee/coincu
Harold
Coincu News
Bitcoin Spot ETF inflows hit $1.005B on Nov 21, led by BlackRock’s $608M and Fidelity’s…
Discover the success story of a New York tech entrepreneur who made $72M from a…
Discover the best cryptos to buy and hold today: Qubetics leads with 1000x potential, Ethereum…
With the platform facing a cracked whip, Trump Media company is expanding into new business…
Major crypto firms, including Ripple, Kraken, and Circle, are competing for spots on President-elect Donald…
Analysts highlight a breakout alert as Shiba Inu (SHIB), and Dogecoin show signs of recovery…
This website uses cookies.