Please Respond to Seth’s article discussion.
Hackers steal crypto from Bitcoin ATMs by exploiting the zero-day bug by Lawrence Abrams on August 20, 2022
What type of attack occurred?
Hackers exploited a zero-day vulnerability in General Bytes Bitcoin ATM servers to steal cryptocurrency from customers. When customers deposited or purchased cryptocurrency via the ATM, the hackers would instead siphon off the funds (Abrams, 2022).
Was the attacker successful in penetrating the system or network?
Yes, the threat actors scanned the internet for exposed servers running on TCP ports 7777 or 443, including servers hosted at Digital Ocean and General Bytes’ cloud service (Abrams, 2022). Bleeping Computer was contacted by a General Bytes customer who told them that hackers were stealing bitcoin from their ATMs. The attacker was able to create an admin user remotely via the CAS administrative interface, through a URL call on the page that is used for the default installation on the server and for creating the first administration user (Abrams, 2022).
What, if anything, was the attacker able to access or obtain?
Bleeping Computer was contacted by a General Bytes customer who told them that hackers were stealing bitcoin from their ATMs. The threat actors modified these settings so that any cryptocurrency received by CAS was forwarded to the hackers instead (Abrams, 2022).
What is the effect on the organization and customers because of the attack?
Cyber-attacks can damage a business’s reputation and erode the trust its customers have. This, in turn, could potentially lead to a loss of customers and a loss of sales.
The long-term consequences: loss of trust and diminished reputation. Perhaps the most significant long-term consequence of a data breach is the loss of customer trust.
Also, a cyber-attack could cause:
Financial loss to organizations: from theft of money and information to disruption to the business.
Business loss: damage to reputation and damage to other companies you rely on to do business.
Costs: getting affected systems up and running.
What can you learn from this incident? If you are the network engineer or the person in charge of the network/infrastructure/data, what would you have done differently to prevent this from happening again?
Have the proper security measures in place to protect customers’ data.
Have a good cyber crisis incident response plan in place.
Invest in high-quality cyber incident planning and response training.
Equip your IT staff and executives with the necessary knowledge and skills to be prepared for a cyber incident.
Invest in a data breach readiness assessment to evaluate how susceptible to data breaches your business really is.
Reference
Abrams, L. (2022, August 20). Hackers steal crypto from Bitcoin ATMs by exploiting the zero-day bug. Retrieved from https://www.bleepingcomputer.com/news/security/hackers-steal-crypto-from-bitcoin-atms-by-exploiting-zero-day-bug/
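One way to check for the exposure described in this discussion (servers reachable from the internet on TCP 7777 or 443), as an added Python example that is not from the article or from General Bytes: it audits inbound allow rules for those two ports. The rule format, the sample rules and the trusted admin network are constructed assumptions.

```python
import ipaddress

# Ports the article says attackers scanned for on exposed CAS servers.
CAS_PORTS = {7777, 443}

# Constructed sample data (assumption): inbound allow rules as
# (source CIDR, port or port range). Not a real firewall export.
SAMPLE_RULES = [
    ("0.0.0.0/0", "443"),
    ("203.0.113.0/24", "7777"),
    ("198.51.100.7/32", "22"),
    ("::/0", "7000-8000"),
    ("203.0.113.16/28", "443"),
]

# Assumption: networks the operator trusts to administer the server.
TRUSTED_ADMIN_NETS = ["203.0.113.0/24"]

def parse_ports(spec):
    """Return the inclusive (low, high) range for '443' or '7000-8000'."""
    low, _, high = spec.partition("-")
    low, high = int(low), int(high or low)
    if not (0 < low <= high <= 65535):
        raise ValueError(f"bad port spec: {spec!r}")
    return low, high

def is_trusted(source, trusted_nets):
    """True only if the whole source network sits inside a trusted network."""
    src = ipaddress.ip_network(source, strict=False)
    for net in trusted_nets:
        net = ipaddress.ip_network(net, strict=False)
        if src.version == net.version and src.subnet_of(net):
            return True
    return False

def audit_rules(rules, trusted_nets):
    """List (source, port) pairs exposing a CAS port to untrusted sources."""
    findings = []
    for source, spec in rules:
        low, high = parse_ports(spec)
        exposed = sorted(p for p in CAS_PORTS if low <= p <= high)
        if exposed and not is_trusted(source, trusted_nets):
            findings.extend((source, port) for port in exposed)
    return findings

if __name__ == "__main__":
    for source, port in audit_rules(SAMPLE_RULES, TRUSTED_ADMIN_NETS):
        print(f"EXPOSED: tcp/{port} reachable from {source}")
```

The port-range rule is included because a wide range such as 7000-8000 exposes 7777 without ever naming it.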