As the cryptocurrency industry is growing vast and technologically advanced, institutions are finding a number of ways to bring them into the public’s eye.
The companies have been coming up with ways of bringing more and more exposure to cryptocurrencies. One of the major tactics to expose people to cryptocurrencies was to introduce cryptocurrency ATMs.
As the following for Bitcoin (BTC) grew faster and stronger than any other cryptocurrency, it became the most deserving cryptocurrency when it came to introducing crypto ATMs.
Hackers are Growing Aggressive
Unfortunately, just as the cryptocurrency sector is growing vast and is earning mainstream recognition, hackers have also started targeting them.
From the beginning of 2021 to the present, the number of exploits and hacks within the cryptocurrency sector has been tremendously high.
Now, the hackers are growing very aggressive and they have even started to attack semi-government sectors for the purposes of ransomware.
Hackers Hacked Bitcoin ATMs
One of the latest exploits that the hacker has carried out is on Bitcoin ATMs. The hackers went after the servers of the General Bytes Bitcoin ATM.
After making their way into the servers, the hackers were able to steal away the cryptocurrencies from customers.
So far, the investigation teams have confirmed that the hackers were able to gain access to the servers through the zero-day vulnerability. Once they used the vulnerability, they were able to exploit the servers.
Exploit Allowed Hackers to Siphon Cryptocurrencies
After the hackers had exploited the servers, any funds the customers deposited or if they purchased any cryptocurrencies through the ATM, would be stolen by the hackers.
The particular Bitcoin ATMs have been manufactured by General Bytes. Initially, the ATMs were integrated with Bitcoin but over time, more than 40 cryptocurrencies were added.
So the customers could purchase any of the cryptocurrencies that were made available through the ATMs.
Crypto Application Server (CAS)
The Crypto Application Server is responsible for the management of Bitcoin ATMs. It tends to control the ATMs, and the CAS is also referred to as a remote.
All the operations, cryptocurrencies, and executions of transactions (sale/purchase) are controlled by the CAS.
The hackers were able to gain access and control of the CAS, which allowed them to create an admin user using the CAS administrative interface.
The weakness that allowed the hackers to gain access to the CAS was the zero-day vulnerability.
Hackers Stole Around 10 Bitcoins
So far, General Bytes has confirmed that the hackers were able to steal away around 10 Bitcoins. At the time of writing, the number of stolen Bitcoins translates to around $230,000.