{"id":20462,"date":"2022-08-22T03:10:54","date_gmt":"2022-08-22T03:10:54","guid":{"rendered":"https:\/\/bitcoinwisdom.com\/?p=20462"},"modified":"2022-08-22T03:11:06","modified_gmt":"2022-08-22T03:11:06","slug":"hacker-stole-money-from-bitcoin-atm-users","status":"publish","type":"post","link":"https:\/\/bitcoinwisdom.com\/sv\/hacker-stole-money-from-bitcoin-atm-users\/","title":{"rendered":"Hackare stal pengar fr\u00e5n Bitcoin-bankomatanv\u00e4ndare"},"content":{"rendered":"<ul class=\"wp-block-list\"><li><strong>Bitcoin ATM-tillverkaren General Bytes stod inf\u00f6r en kompromiss p\u00e5 sina servrar via en nolldagsattack som h\u00e4nde f\u00f6rra veckan.<\/strong><\/li><li><strong>F\u00f6retaget avsl\u00f6jade inte hur mycket pengar som stulits eller hur m\u00e5nga bankomater som \u00e4ventyrats. General Bytes har dock rekommenderat bankomatoperat\u00f6rer att omedelbart uppdatera sin programvara.<\/strong><\/li><\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\" \/>\n\n\n\n<p>Den v\u00e4lk\u00e4nda Bitcoin ATM-tillverkaren General Bytes har nyligen m\u00f6tt en kompromiss p\u00e5 sina servrar via en nolldagsattack som h\u00e4nde f\u00f6rra veckan. Incidenten gjorde det m\u00f6jligt f\u00f6r angriparna att fungera som standardadministrat\u00f6rer och \u00e4ndra inst\u00e4llningar f\u00f6r att \u00f6verf\u00f6ra alla pengar till sin pl\u00e5nboksadress.<\/p>\n\n\n\n<p>Varken f\u00f6retaget avsl\u00f6jade hur mycket pengar som stulits eller antalet Bitcoin-uttagsautomater som \u00e4ventyrats. General Bytes har dock <a href=\"https:\/\/generalbytes.atlassian.net\/wiki\/spaces\/ESD\/pages\/2785509377\/Security+Incident+August+18th+2022\" rel=\"nofollow noopener\" target=\"_blank\">r\u00e5dde<\/a> ATM-operat\u00f6rer att omedelbart uppdatera sin programvara.<\/p>\n\n\n\n<p>Enligt f\u00f6retagets r\u00e5d som publicerades p\u00e5 torsdagen identifierade hackaren ett s\u00e4kerhetsfel i CAS-administrat\u00f6rsgr\u00e4nssnittet. De skannade molnv\u00e4rdleverant\u00f6ren Digital Oceans IP-adressutrymme och missbrukade s\u00e5rbarheten f\u00f6r att identifiera k\u00f6rande CAS-tj\u00e4nster p\u00e5 portarna 7777 eller 443. Efter detta skapade de en ny standardadminanv\u00e4ndare, organisation och terminal.&nbsp;<\/p>\n\n\n\n<p>Efter att ha noggrant utv\u00e4rderat CAS-gr\u00e4nssnittet d\u00f6pte angriparen om standardadminanv\u00e4ndaren till &quot;gb.&quot; Efter detta gjorde de \u00e4ndringar i kryptoinst\u00e4llningarna f\u00f6r tv\u00e5v\u00e4gsmaskiner med thor-pl\u00e5nboksinst\u00e4llningar. Detta resulterade i att tv\u00e5v\u00e4gs Bitcoin-uttagsautomater vidarebefordrade kryptovalutor till angriparens pl\u00e5nbok n\u00e4r kunder skickade sina pengar till bankomater:<\/p>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\"><p>&quot;Angriparen kunde skapa en administrat\u00f6rsanv\u00e4ndare p\u00e5 distans via CAS administrativa gr\u00e4nssnitt via ett URL-anrop p\u00e5 sidan som anv\u00e4nds f\u00f6r standardinstallationen p\u00e5 servern och skapa den f\u00f6rsta administrationsanv\u00e4ndaren.&quot;<\/p><\/blockquote>\n\n\n\n<p>Trots det olyckliga intr\u00e5nget h\u00e4vdar General Bytes att ingen \u00e5tkomst till databasen har gjorts. Dessutom fick angriparen inte tillg\u00e5ng till v\u00e4rddriften och filsystemet. F\u00f6retaget med huvudkontor i Prag, Tjeckien klargjorde att alla l\u00f6senord, l\u00f6senordshaschar, salter, API-nycklar och privata nycklar \u00e4r s\u00e4kra.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Bitcoin ATM-mark\u00f6rens uppmaning till kunder<\/h2>\n\n\n\n<p>General Bytes, som \u00e4ger och driver 8827 Bitcoin-uttagsautomater spridda i mer \u00e4n 120 l\u00e4nder, erbjuder kunderna m\u00f6jligheten att k\u00f6pa och s\u00e4lja mer \u00e4n 40 kryptovalutor. <\/p>\n\n\n\n<p>F\u00f6retaget har uppmanat kunder som k\u00f6r p\u00e5 20220531 att sluta anv\u00e4nda sina General Bytes ATM-servrar tills de uppdaterar sina servrar f\u00f6r att korrigera utg\u00e5vorna 20220725.22 och 20220531.38. <\/p>\n\n\n\n<p>Anv\u00e4ndare har ocks\u00e5 uppmuntrats att \u00e4ndra sina serverbrandv\u00e4ggsinst\u00e4llningar s\u00e5 att CAS-administrat\u00f6rsgr\u00e4nssnittet endast kan n\u00e5s fr\u00e5n till\u00e5tna IP-adresser.\u00a0 <\/p>\n\n\n\n<p>General Bytes r\u00e5dde ocks\u00e5 konsumenter att kontrollera sin &quot;S\u00c4LJ Krypto-inst\u00e4llning&quot; innan de startade om terminalerna f\u00f6r att f\u00f6rs\u00e4kra sig om att hackarna inte hade \u00e4ndrat inst\u00e4llningarna s\u00e5 att eventuella mottagna pengar skulle \u00f6verf\u00f6ras till dem ist\u00e4llet (och inte kunderna).<\/p>\n\n\n\n<p>Sedan grundandet 2020 h\u00e4vdade General Bytes att flera s\u00e4kerhetsrevisioner har utf\u00f6rts, men ingen av dem har n\u00e5gonsin uppt\u00e4ckt denna s\u00e5rbarhet.<\/p>\n\n\n\n<p>Anm\u00e4rkningsv\u00e4rt \u00e4r att attacken intr\u00e4ffade bara tre dagar efter att f\u00f6retaget gjorde offentliga tillk\u00e4nnagivanden om en &quot;Hj\u00e4lp Ukraina&quot;-funktion p\u00e5 sina uttagsautomater.<\/p>","protected":false},"excerpt":{"rendered":"<p>Bitcoin ATM-tillverkaren General Bytes stod inf\u00f6r en kompromiss p\u00e5 sina servrar via en nolldagsattack som h\u00e4nde f\u00f6rra veckan. F\u00f6retaget avsl\u00f6jade inte hur mycket pengar som stulits eller hur m\u00e5nga bankomater som \u00e4ventyrats. General Bytes har dock rekommenderat bankomatoperat\u00f6rer att omedelbart uppdatera sin programvara. Den v\u00e4lk\u00e4nda Bitcoin ATM-tillverkaren General Bytes har nyligen [\u2026]<\/p>","protected":false},"author":21,"featured_media":20468,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_editorskit_title_hidden":false,"_editorskit_reading_time":1,"_editorskit_is_block_options_detached":false,"_editorskit_block_options_position":"{}","_uag_custom_page_level_css":"","footnotes":""},"categories":[12],"tags":[1406],"class_list":["post-20462","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news","tag-bitcoin-atm"],"acf":[],"uagb_featured_image_src":{"full":["https:\/\/bitcoinwisdom.com\/wp-content\/uploads\/2022\/08\/Bitcoin-2.jpg",1200,675,false],"thumbnail":["https:\/\/bitcoinwisdom.com\/wp-content\/uploads\/2022\/08\/Bitcoin-2-500x330.jpg",500,330,true],"medium":["https:\/\/bitcoinwisdom.com\/wp-content\/uploads\/2022\/08\/Bitcoin-2-300x169.jpg",300,169,true],"medium_large":["https:\/\/bitcoinwisdom.com\/wp-content\/uploads\/2022\/08\/Bitcoin-2-768x432.jpg",640,360,true],"large":["https:\/\/bitcoinwisdom.com\/wp-content\/uploads\/2022\/08\/Bitcoin-2-1024x576.jpg",640,360,true],"1536x1536":["https:\/\/bitcoinwisdom.com\/wp-content\/uploads\/2022\/08\/Bitcoin-2.jpg",1200,675,false],"2048x2048":["https:\/\/bitcoinwisdom.com\/wp-content\/uploads\/2022\/08\/Bitcoin-2.jpg",1200,675,false],"trp-custom-language-flag":["https:\/\/bitcoinwisdom.com\/wp-content\/uploads\/2022\/08\/Bitcoin-2-18x10.jpg",18,10,true]},"uagb_author_info":{"display_name":"Parth Dubey","author_link":"https:\/\/bitcoinwisdom.com\/sv\/author\/parth\/"},"uagb_comment_info":0,"uagb_excerpt":"Bitcoin ATM maker General Bytes faced a compromise on its servers via a zero-day attack that happened last week. The company did not reveal the amount of funds stolen, or the number of ATMs compromised. However, General Bytes has advised ATM operators to urgently update their software. Renowned Bitcoin ATM maker General Bytes has recently&hellip;","_links":{"self":[{"href":"https:\/\/bitcoinwisdom.com\/sv\/wp-json\/wp\/v2\/posts\/20462","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/bitcoinwisdom.com\/sv\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/bitcoinwisdom.com\/sv\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/bitcoinwisdom.com\/sv\/wp-json\/wp\/v2\/users\/21"}],"replies":[{"embeddable":true,"href":"https:\/\/bitcoinwisdom.com\/sv\/wp-json\/wp\/v2\/comments?post=20462"}],"version-history":[{"count":0,"href":"https:\/\/bitcoinwisdom.com\/sv\/wp-json\/wp\/v2\/posts\/20462\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/bitcoinwisdom.com\/sv\/wp-json\/wp\/v2\/media\/20468"}],"wp:attachment":[{"href":"https:\/\/bitcoinwisdom.com\/sv\/wp-json\/wp\/v2\/media?parent=20462"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/bitcoinwisdom.com\/sv\/wp-json\/wp\/v2\/categories?post=20462"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/bitcoinwisdom.com\/sv\/wp-json\/wp\/v2\/tags?post=20462"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}