0day vulnerability exploited in General Bytes

General Bytes, a global provider of Bitcoin ATMs, has been the victim of a cyber-attack that exploited a 0day vulnerability in the CAS (computer algebra system) administrator interface.

According to the company's statement, the attacker created an admin user remotely, via the CAS administrative interface, by calling the URL of the page used for the default installation on the server.

In this way, the attacker changed the buy and sell settings, so that any cryptocurrency traded at these ATMs would be sent to his wallet. After learning of the attack, General Bytes fixed this vulnerability in versions 20220531.38 and 20220725.22.