KEEPNET LABS > Blog > General Bytes Suffer Cyberattack

General Bytes Suffer Cyberattack

A cyberattack took advantage of a previously unknown flaw in General Bytes software. CAS allows businesses to manage Bitcoin ATMs from a centralized location via a desktop computer or a browser on a mobile device.

General Bytes Suffer Cyberattack

General Bytes, a bitcoin ATM manufacturer, has confirmed that it has been the victim of a cyberattack that took advantage of a previously unknown flaw in its software to steal cryptocurrency from its users. The company released a result last week. The attacker was able to create a remote administrator user through the CAS management interface by searching for the URL on the page used to install it as standard on the server and create the first administrator user.

This vulnerability is available in the CAS software as of version 2020-12-08.” It is not yet clear how many servers were breached by this bug and how many cryptocurrencies were looted. CAS stands for Crypto Application Server, a standalone General Bytes product that allows businesses to manage Bitcoin ATMs (BATMs) from a centralized location via a desktop computer or a browser on a mobile device.

The zero-day bug related to a bug in the CAS admin interface has been fixed in two new versions, 20220531.38 and 20220725.22. General Bytes said that an anonymous threat subject identified the CAS services running on ports 443 and 7777 by scanning the cloud hosting IP address space of Digitalocean, and then abused the error to add a new default administrator user named “GB” to the Cas.

Join
Our Newsletter

Sign up to learn about the latest threats, hacking methods, and news.