Key Points:
On March 17, General Bytes reported the most serious security incident, as Coincu reported. The attacker used the system’s upload interface to upload and run a malicious Java program in order to obtain database permissions on the server as well as the hot wallet withdrawal API Key.
The attacker investigated the Digital Ocean cloud hosting IP address space and detected CAS services running on port 7741, including the General Bytes Cloud service and other GB ATM operators using Digital Ocean, the company’s cloud hosting provider.
“The attacker scanned the Digital Ocean cloud hosting IP address space and identified running CAS services on ports 7741, including the General Bytes Cloud service and other GB ATM operators running their servers on Digital Ocean (our recommended cloud hosting provider),” General Bytes explained in the security incident report.
According to reports, the hack resulted in the deposit of at least 56 BTC and 21.82 ETH into wallets associated with the hacker.
General Bytes had properly examined the hack’s damages and had been working feverishly to strengthen security measures and avoid such instances in the future.
It also emphasizes that the compromised system has been subjected to multiple security audits since 2021, but none of them have identified the exploited vulnerability.
Also, in 2021, Kraken cryptocurrency exchange experts discovered various vulnerabilities in General Bytes’ ATMs, which the firm swiftly corrected.
Despite these security audits, General Bytes experienced a security incident in August 2022, when hackers exploited a zero-day vulnerability in its ATM servers to steal cryptocurrency from its customers.
DISCLAIMER: The Information on this website is provided as general market commentary and does not constitute investment advice. We encourage you to do your own research before investing.
Join us to keep track of news: https://linktr.ee/coincu
Harold
Coincu News
Over 84% of the staked Sui token supply is controlled by the founders, raising centralization…
The Coinbase class action lawsuit, echoing a previous case against the exchange, accuses it of…
Tether's CEO, Paolo Ardoino, highlights discrepancies in the Bitfinex data breach, revealing that only a…
Bitfinex data leak allegedly by FSOCIETY includes 2.5TB of exchange data and 400K users' details.…
According to Parsec, Friend Tech v2's launch disappointed many, with 95% users unable to claim…
The legal debate over Ethereum classification intensifies as Consensys sues SEC for regulatory overreach.
This website uses cookies.