Hackers steal cryptocurrency by hacking Bitcoin ATMs; the amount of damage is unknown

General Bytes, a leading provider of bitcoin and blockchain technology, has reported a zero-day vulnerability that hackers are actively exploiting to control the operation of crypto application server (CAS) hardware. Attackers use the software vulnerability to create a fake administrator account. According to the company, the attacks followed these steps:

  1. DigitalOcean cloud hosting IP addresses are scanned for CAS services exposed on ports 7777 or 443;
  2. A zero-day vulnerability is used to create a fake administrator account;
  3. Hackers change the settings for buying and selling cryptocurrency, as well as the invalid payment address setting.

This allowed cybercriminals to transfer clients’ cryptocurrencies to their own wallets. General Bytes has not yet said how many servers have been hacked or how much cryptocurrency has been stolen. General Bytes recommends not using ATMs until two patches (20220531.38 and 20220725.22) are installed on the servers.
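For operators checking their own CAS host against step 1 above, the following added example (not code from General Bytes or the original article) parses `ss -H -tln` output and flags listeners on ports 7777 or 443 that are bound beyond loopback or private addresses. The sample output and all function names are constructed for illustration.

```python
import ipaddress

CAS_PORTS = {7777, 443}  # ports the article says attackers scanned for

# Constructed sample of `ss -H -tln` output; not taken from a real server.
SAMPLE_SS = """\
LISTEN 0 128 0.0.0.0:7777 0.0.0.0:*
LISTEN 0 128 127.0.0.1:443 0.0.0.0:*
LISTEN 0 128 [::]:443 [::]:*
LISTEN 0 128 10.8.0.1:7777 0.0.0.0:*
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 *:7777 *:*
"""

def scope_of(host):
    """Classify a bind address by how widely it can be reached."""
    if host == "*":
        return "all-interfaces"
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        return "unknown"
    if ip.is_unspecified:
        return "all-interfaces"
    if ip.is_loopback:
        return "loopback"
    return "private" if ip.is_private else "public"

def cas_listeners(ss_output):
    """Return (host, port, scope) for every listener on a CAS port."""
    found = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 4:
            continue
        host, _, port = fields[3].rpartition(":")
        if not port.isdigit() or int(port) not in CAS_PORTS:
            continue
        host = host.split("%", 1)[0].strip("[]")  # drop %iface, IPv6 brackets
        found.append((host, int(port), scope_of(host)))
    return found

def exposed(ss_output):
    """Listeners reachable from outside the host unless a firewall filters them."""
    return [(h, p) for h, p, s in cas_listeners(ss_output)
            if s in ("all-interfaces", "public")]

if __name__ == "__main__":
    for host, port in exposed(SAMPLE_SS):
        print(f"review firewall rules: CAS port {port} listening on {host}")
```

On a live server, pass the captured output of `ss -H -tln` to `exposed()` in place of the sample; a hit means the port is bound widely, so cloud firewall rules then decide whether it is reachable from the internet.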

Source: Trash Box
