General Bytes reported that over $1.5 million in bitcoin was drained from hot wallets (Internet-accessible wallets) via its bitcoin ATMs (BATMs) by hackers that exploited a previously unknown zero-day vulnerability.
This flaw allowed the hackers to use the master server interface, which permits customers to upload videos from the BATM terminal to the crypto application server (CAS), to upload and execute a malicious Java application.
Although the vulnerability was patched 15 hours after it was discovered, the stolen bitcoin could not be recovered.
In response to the incident, General Bytes said it would no longer manage CASes for customers.
From Ars Technica
View Full Article
Abstracts Copyright © 2023 SmithBucklin, Washington, D.C., USA
No entries found