BTCATM
1,452 megtekintés
2 Bejegyzések
Népszerű
Legfrissebb
#BTC #BTCATM BIT COIN ATM
A different kind of ATM is setting up shop in your local convenience store.
These machines look like traditional banking kiosks, but they allow customers to buy bitcoin in cash.
Bitcoin ATMs, or BTMs, exploded in popularity between 2020 and mid-2022, at the height of the crypto craze. At their peak, BTMs totaled 34,000 across the U.S., according to Coin ATM Radar.
More and more people are using bitcoin ATMs to send money at lightning speed. A study from Bitcoin Depot, the company with the largest share of BTMs across the U.S., found that two-thirds of their customers use the machines for remittances and online purchases. But these machines have also gained a reputation as a vehicle for crime. Scammers can send their victims to these kiosks to take advantage of the faster transaction speeds.
A different kind of ATM is setting up shop in your local convenience store.
These machines look like traditional banking kiosks, but they allow customers to buy bitcoin in cash.
Bitcoin ATMs, or BTMs, exploded in popularity between 2020 and mid-2022, at the height of the crypto craze. At their peak, BTMs totaled 34,000 across the U.S., according to Coin ATM Radar.
More and more people are using bitcoin ATMs to send money at lightning speed. A study from Bitcoin Depot, the company with the largest share of BTMs across the U.S., found that two-thirds of their customers use the machines for remittances and online purchases. But these machines have also gained a reputation as a vehicle for crime. Scammers can send their victims to these kiosks to take advantage of the faster transaction speeds.
Analyzing GENERAL BYTES Bitcoin ATM Maker Breach And Protecting Yourself
Bitcoin ATM maker GENERAL BYTES has announced that it has experienced a security incident of the highest severity. According to the company, the attacker was able to identify a security vulnerability in the master service interface used by Bitcoin ATMs to upload videos to the server.
This vulnerability allowed the attacker to read and decrypt API keys used to access funds in hot wallets and exchanges.
The attacker was able to upload a java application remotely via the master service interface used by terminals to upload videos and run it using batm user privileges. This gave them access to the database, the ability to send funds from hot wallets, and the ability to download user names and their password hashes. Additionally, the attacker was able to turn off two-factor authentication and access terminal event logs.
The incident affected older versions of ATM software that were logging customer’s private key information. GB has advised customers to investigate their master.log and admin.log files for time gaps when the server was not logging anything, which is a certain indicator of an attack. Customers should also look for suspicious content in /batm/app/admin/standalone/deployments/ and consider that their user passwords and API keys have been compromised.
The company has recommended that customers regenerate new API keys and invalidate old ones, change all user passwords, and install their own Standalone server. GB has stated that it is shuttering its Cloud service as it is impossible to secure a system granting access to multiple operators at the same time where some of them are bad actors. GB support will help customers migrate their data from the GB Cloud to their own Standalone server.
In conclusion, GB has experienced a significant security incident that has compromised customer information and API keys. Customers should take immediate action to protect themselves by regenerating API keys, changing passwords, and installing their own Standalone server. The incident highlights the importance of security measures in the cryptocurrency industry, and the need for constant vigilance against attackers.
#BitcoinATM #BTCATM #GENERALBYTES #hack #azcoinnews
This article was republished from azcoinnews.com
This vulnerability allowed the attacker to read and decrypt API keys used to access funds in hot wallets and exchanges.
The attacker was able to upload a java application remotely via the master service interface used by terminals to upload videos and run it using batm user privileges. This gave them access to the database, the ability to send funds from hot wallets, and the ability to download user names and their password hashes. Additionally, the attacker was able to turn off two-factor authentication and access terminal event logs.
The incident affected older versions of ATM software that were logging customer’s private key information. GB has advised customers to investigate their master.log and admin.log files for time gaps when the server was not logging anything, which is a certain indicator of an attack. Customers should also look for suspicious content in /batm/app/admin/standalone/deployments/ and consider that their user passwords and API keys have been compromised.
The company has recommended that customers regenerate new API keys and invalidate old ones, change all user passwords, and install their own Standalone server. GB has stated that it is shuttering its Cloud service as it is impossible to secure a system granting access to multiple operators at the same time where some of them are bad actors. GB support will help customers migrate their data from the GB Cloud to their own Standalone server.
In conclusion, GB has experienced a significant security incident that has compromised customer information and API keys. Customers should take immediate action to protect themselves by regenerating API keys, changing passwords, and installing their own Standalone server. The incident highlights the importance of security measures in the cryptocurrency industry, and the need for constant vigilance against attackers.
#BitcoinATM #BTCATM #GENERALBYTES #hack #azcoinnews
This article was republished from azcoinnews.com
