Bitcoin

Tus tsim Bitcoin ATM General Bytes kaw nws cov kev pabcuam huab tom qab hacker txheeb xyuas qhov tsis muaj peev xwm ua rau lawv txiav txim siab API cov yuam sij

03/19/2023
Cov Xov Xwm Bitcoin Ethereum

Ib tug hacker muaj peev xwm upload lawv tus kheej Java daim ntawv thov mus rau General Bytes 'bitcoin ATMs, uas enables tus attacker nyeem thiab decrypt API yuam sij kom nkag mus rau cov nyiaj ntawm exchanges thiab kub hnab nyiaj.

Lub tuam txhab tau tshaj tawm qhov teeb meem kev nyab xeeb loj heev ceeb toom ntawm nws nplooj ntawv Confluence thaum Lub Peb Hlis 18. Tus neeg tawm tsam tuaj yeem nkag mus rau hauv cov ntaub ntawv, rub tawm cov npe neeg siv thiab cov passwords nrog rau kaw ob qhov kev lees paub tseeb thiab luam theej duab lub davhlau ya nyob twg rau cov xwm txheej thaum cov neeg siv khoom scanned. cov yuam sij ntiag tug hauv ATM, lub tuam txhab tau hais.

"Peb yaum kom peb txhua tus neeg siv khoom ua sai sai los tiv thaiv lawv cov nyiaj txiag thiab cov ntaub ntawv ntiag tug thiab ua tib zoo nyeem cov ntawv xov xwm kev nyab xeeb uas tau teev tseg ntawm no," hais tias On Twitter.

duab

Nws tshwm sim li cas?

Lub hacker muaj peev xwm mount qhov kev tawm tsam los ntawm uploading lawv tus kheej Java daim ntawv thov thiab khiav nws remotely, siv tus tswv kev pab cuam interface, uas yog siv nyob rau hauv bitcoin ATMs upload yeeb yaj duab rau lub server, lub tuam txhab hais tias.

Ob qhov General Bytes 'cloud service thiab standalone servers raug cuam tshuam thiab vim li ntawd lub tuam txhab tau kaw nws cov kev pabcuam huab.

"Nws yog theoretically (thiab xyaum ua) tsis yooj yim sua kom muaj kev ruaj ntseg rau kev nkag mus rau ntau tus neeg ua haujlwm nyob rau tib lub sijhawm uas qee tus ntawm lawv yog cov neeg ua phem phem," hais tias lub tuam txhab hauv kev tshaj tawm, ntxiv tias nws yuav muab kev txhawb nqa rau cov neeg siv khoom kom hloov pauv los ntawm lub tuam txhab. huab kev pab cuam los khiav lawv tus kheej standalone servers.

Lub tuam txhab luam tawm cov kauj ruam los siv kev ruaj ntseg kho. Nws kuj tau hais tias hauv ntau qhov kev tshuaj xyuas uas tau ua tiav txij li xyoo 2021 nws tsis tau txheeb xyuas qhov tsis zoo no.

$ 1.5 lab ntawm bitcoin raug nyiag

Cov ntawv tshaj tawm kev ruaj ntseg kuj tau teev cov chaw nyob crypto thiab APIs siv los ntawm tus neeg tawm tsam. On-chain tsom xam qhia qhov sib npaug ntawm 56 bitcoin ($ 1.5 lab) hauv lub hnab nyiaj bitcoin txuas nrog tus neeg tawm tsam. 

Qhov no tsis yog thawj zaug General Bytes tau ntsib kev tawm tsam. Thaum lub Yim Hli xyoo tas los, tus neeg nyiag khoom tuaj yeem nyiag nyiaj los ntawm cov neeg siv khoom tso nyiaj ntawm nws lub ATM bitcoin. Nyob rau hauv tas li ntawd, lub hacker hloov lub crypto chaw ntawm ob-txoj kev tshuab nrog lawv lub hnab ntim khoom thiab qhov chaw nyob them nqi tsis raug.

General Bytes lub vev xaib hais tias nws tau muag ntau dua 15,000 lub tshuab hauv ntau dua 140 lub teb chaws.

Lub tuam txhab tsis teb tam sim ntawd thov kev tawm tswv yim.

© 2023 The Block Crypto, Inc. Tag Nrho Cov Cai. Kab lus no tsuas yog muab ua kev qhia nkaus xwb. Nws tsis yog muab los yog npaj rau siv raws li kev cai lij choj, se, peev, nyiaj txiag, lossis lwm yam kev qhia.

Tau qhov twg los: https://www.theblock.co/post/221032/bitcoin-atm-maker-general-bytes-shuts-down-its-cloud-service-after-hacker-identifies-vulnerability-enabling-them-to- decrypt-api-keys?utm_source=rss&utm_medium=rss