Connect with us

TECH

Hackers Drain $1.5 Million Bitcoin ATMs Using 0-day Bug

Published

17 hours ago

on

Increase / BATM sold by General Bytes.

common bytes

Hackers siphoned millions of dollars worth of digital coins from cryptocurrency ATMs by exploiting a zero-day vulnerability, leaving customers on the hook for unrecoverable losses, the kiosk maker said.

The robbery involved ATMs sold by General Bytes, a company with several offices around the world. These BATMs, short for bitcoin ATMs, can be installed in stores and other businesses to allow people to exchange bitcoins for other currencies and vice versa. Clients connect BATM to cryptographic application server (CAS) that they can manage, or, until now, General Bytes could manage for them. For reasons that are not entirely clear, BATMs offer an option that allows clients to upload video from a terminal to a CAS using a mechanism known as the master server interface.

I’m going, I’m going, I’m gone

On the weekend General Bytes disclosed that more than $1.5 million worth of bitcoins were withdrawn from CAS operated by the company and clients. To carry out the robbery, an unknown attacker exploited a previously unknown vulnerability that allowed him to use this interface to download and execute a malicious Java application. The actor then emptied various hot wallets of about 56 BTC worth about $1.5 million. General Bytes fixed the vulnerability 15 hours after it became known, but due to the way cryptocurrencies work, the losses were irreparable.

General Bytes officials wrote:

The night of March 17-18 was the most difficult time for us and some of our clients. The entire team is working around the clock to collect all security breach data and are constantly working to resolve all incidents to help customers get back online and continue working with their ATMs as soon as possible. We apologize for what happened, will review all of our security procedures and are currently doing everything we can to keep our affected customers afloat.

The report states that the course of the attack was as follows:

1. An attacker discovered a security vulnerability in the main service interface that BATMs use to upload videos to CAS.

2. The attacker scanned the IP address space managed by the DigitalOcean Ocean cloud host to identify running CAS services on ports 7741, including the General Bytes Cloud service and other BATM operators using their servers in Digital Ocean.

3. Using the vulnerability, an attacker uploaded a Java application directly to the application server used by the administrative interface. The application server is configured by default to run applications in its deployment folder.

After running the malicious application on the server, the attacker was able to (1) access the database, (2) read and decrypt the encrypted API keys needed to access funds in hot wallets and exchanges, (3) transfer funds from hot wallets to the wallet, controlled by an attacker, (4) downloading username and password hashes and disabling 2FA, and (5) accessing terminal event logs and looking for instances where customers scanned private keys at an ATM. The sensitive data in step 5 was registered by older versions of the ATM software.

BATM clients are now on their own

Going forward, General Bytes will no longer operate CAS on behalf of customers, in a release this weekend. This means that terminal owners will have to manage the servers themselves. The company is also collecting data from customers to verify all hack-related losses, conducting internal investigations, and cooperating with authorities in an attempt to identify the perpetrator.

General Bytes said the company has gone through “several security reviews” since 2021, and none of them found a exploited vulnerability. The company is currently seeking additional assistance in securing its BATMs.

The incident highlights the risk of storing cryptocurrencies in wallets available online, commonly referred to as hot wallets. Over the years, attackers who exploit various vulnerabilities in cryptocurrency infrastructures, or trick wallet owners into providing the encryption keys needed to withdraw funds, have been illegally draining untold amounts of digital coins from hot wallets.

Security practitioners have long advised people to store funds in cold wallets, which means they are not directly accessible from the internet. Unfortunately, BATMs and other types of cryptocurrency ATMs generally cannot follow this best practice because terminals must be connected to hot wallets in order for them to make real-time transactions. This means that BATM is likely to remain a prime target for hackers.

Related Topics:
Continue Reading
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

TECH

Wordle today: here is the answer, clues for March 23

Published

2 hours ago

on

March 23, 2023

By

Today is palindrome day! Well, depending on your preferred date format. But if you wrote this on 03/23/23, made a wish or whatever you want to do to mark the occasion. Maybe today wordle? Our daily hints and hints will help you find the solution.

If you’d rather just be told the solution, you can scroll through this article until March 23rd. wordle solution disclosed. But if you prefer to work it out on your own, keep reading for some hints, tips, and strategies to help you.

where wordle from?

Originally created by engineer Josh Wardle as a gift to his partner, wordle(Opens in a new tab) has quickly spread and become an international phenomenon played every day by thousands of people around the world. alternates wordle fan-made versions even jumped, including battle royale argumentmusical game of definition hurdleand options like sit back another Quordles which will make you guess several words at the same time.

wordle eventually became so popular that it was bought The newspaper “New York Timesand the creators of TikTok even stream their games live.

Not the day you need? Here wordle response on March 22.

What’s better wordle starting word?

the best wordle the initial word is what brings joy to your heart. But if what brings you joy is strategy, we have some ideas to help you choose a word that can help you find a solution faster. One tip is to choose a word that includes at least two different vowels, as well as some common consonants like S, T, R, or N.

what happened with wordle archives?

The entire archive of the past wordle puzzles used to be available for everyone to have fun whenever they wanted. Unfortunately, it has since been removed, with the website’s creator claiming it was at the request of The newspaper “New York Times.

is wordle getting harder?

It may seem wordle it gets harder, but it’s really no harder than when it first started. You can turn on wordleHowever, Hard Mode if you need more testing.

Why are there two different wordle answers a few days?

Although usually wordle will only make one correct decision per day, sometimes he will rebel against the norm and find two different answers acceptable. It is related to the change The newspaper “New York Times made wordle after he purchased the puzzle game.

V once has since added his own updated word list, so this should happen even less frequently than before. To avoid confusion, it’s a good idea to refresh your browser before diving into a new puzzle.

Here’s a hint for today wordle reply:

It rhymes with a beloved indie game, a handy gardening tool, and the first word of Eric B and Rakim’s debut album.

Today’s wordle does the answer have a double letter?

Not today!

Today’s wordle 5 letter word starting with…

Today’s wordle starts with the letter S.

SEE ALSO:

Wordle obsessed? These are the best word games you can play in real life.

What is the answer to wordle Today?

We’re finally going to reveal the answer to today’s wordleso make your guesses right now!

You are ready?

Solution wordle No. 642 is…

STABLE.

Don’t be discouraged if you don’t succeed this time. beauty wordle is that there’s always something new to try the next day and we’ll be back here again with more helpful hints and tips.

Continue Reading

TECH

Samsung Galaxy S23 deals: big swap credits, gift card deals and more

Published

3 hours ago

on

March 23, 2023

By

This story is part Samsung eventsa collection of CNET news, tips and advice on Samsung’s most popular products.

The latest phones from Samsung’s flagship line, Galaxy S23, S23 Plus another S23 Ultraarrived in February. And while these aren’t the most affordable models on the market, with a starting price of $800, chances are you won’t have to pay full price if you’re hoping to get one of these. There are plenty of deals and offers from both carriers and retailers that can save you hundreds or even get one for free, especially if you have an old phone to trade in or need a new data plan. Below we’ve rounded up some of the best deals currently available so you can get your new S23 cheaper. And with the release of the new S23 models, you can also find great Discounts on the previous generation Galaxy S22 right now also.

Presented at the company’s exhibition Unpack event Earlier this year, Samsung’s refreshed Galaxy S line-up includes the Galaxy S23, S23 Plus and S23 Ultra. All three models retain the same screen sizes as the 2022 models of 6.1″, 6.6″ and 6.8″, respectively, with an improved exterior design and some modest upgrades to the camera hardware, battery sizes and internal storage of the two larger models. . Special version Processor Qualcomm Snapdragon 8 Gen 2optimized for the new Galaxy S23 lineup, works on the new phones, which the company claims should result in better performance.

Lisa Edichiko/CNET

Whether you’re excited to get your hands on one of Samsung’s latest phones, or maybe it’s just time to upgrade an old phone, we’re here to help you save some money on your S23 purchase. Please note that the offers and bonuses below are time limited and subject to change at any time.


Now playing:
Look:

Samsung Galaxy S23 lineup is here with big camera upgrades


6:08

How much does the Galaxy S23 cost?

The three Galaxy S23 models are available in different memory configurations. US pricing for each model starts at:

  • Samsung Galaxy S23: $800
  • Samsung Galaxy S23 Plus: $1,000
  • Samsung Galaxy S23 Ultra: $1,200

Please note that Samsung has improved the base storage for Galaxy S23 Plus and S23 Ultra, doubling it to 256GB instead of 128GB on the S22 models. However, the base model Galaxy S23 remains at 128GB. Both the Samsung Galaxy S23 and Galaxy S23 Plus offer 8GB of RAM, while the Galaxy S23 Ultra comes with 12GB of RAM.

What colors is the Galaxy S23 available in?

Samsung Galaxy S23 series in grey, pink and cream

Samsung

As always, Samsung has dressed its latest phones in an eye-catching color scheme. There’s a selection of nature-inspired colors this time around, including phantom black, cream, green, and lavender. All three S23 phones are available in these four colors regardless of where you buy them, although Samsung also offers four colors exclusive to own online store. These are the colors of lime, graphite, sky blue and red.

Best Galaxy S23 Deals

Go straight to the source of your Galaxy S23 order and get up to $750 when you trade in your old phone or device. You’ll also get access to Samsung’s exclusive online colors.

Samsung has some attractive offers from carriers if you don’t want an unlocked model, with up to $1,000 off at an acceptable trade-in. Finally, many of these offers can be extended with discounts for students, educators, first responders, government and military personnel, veterans and their families (see the Samsung website for details on discounts).

Best Buy is offering discounts on both unlocked and carrier models of the S23 line right now. If you don’t want to be locked into a carrier, you can save $50 on the base Galaxy S23 or $100 on the S23 Plus and Ultra. Best Buy states that you must choose the same activation to receive the discount, but the same price will be available if you choose to activate later. Best Buy also has its own trade-in program where you can get up to $600 off.

There are also carrier deals where you can save up to $1,000 on a Verizon model or $800 on an AT&T or T-Mobile model with an exchange and activation of the appropriate service plan.

Verizon’s Galaxy S23 deal offers up to $800 off with trade-in rights to an unlimited plan, and the carrier even accepts old or damaged phones. Those who switch to Verizon will also receive another $200 Verizon gift card. Other deals include free Galaxy Watch 5 and Galaxy Tab S7 FE 5G with purchase, although it’s worth noting that each of these cellular-enabled devices requires a new line to be added, as well as a $100 discount on Galaxy Buds 2 with purchase of the phone.

Buy your Galaxy S23 device through a qualifying installation agreement with AT&T and trade in your old device for a discount of up to $800. Even better, to qualify for this discount, the device you are transferring can be a Galaxy S, Note, or Z series smartphone. any year, in any condition, or a different brand phone as long as it costs at least $35. The discount will be applied through monthly account credits for 36 months. Plus, you can get 50% off any Samsung accessory with your phone purchase.

T-Mobile offers several ways to save money on the S23 series right now. You can save $800 by getting the base model for free when you add a new line to your Magenta Max plan. Or save $400 when adding a new line to another qualifying plan. And you can save up to $400 by trading in your old phone while you have it, or by switching to an eligible plan.

Xfinity is offering new customers a $500 discount on their Galaxy S23 when porting to a new line as part of a 24-month plan. And both new and existing customers can save up to $800 on a qualifying exchange.

Walmart offers the Galaxy S23 series with various carrier offerings. Phones activated at the qualifying factory with AT&T or Verizon installments will receive a $250 rebate, plus up to $1,000 rebate through credit accounts (AT&T only) on qualifying exchange. Walmart also has prepaid deals with Verizon’s Straight Talk and Total, offering six months of free service to new customers on an unlimited plan.

Google Fi offers its own trade-in program where you can save up to $799 on the Galaxy S23 and S23 Plus, or up to $899 on the S23 Ultra. Although, unlike some other carriers, Google Fi only accepts new devices in good condition. The discount is applied in the form of monthly bill credits for 24 months, and if you cancel the service before that time, you will have to pay the remaining amount yourself.

Continue Reading

TECH

Positive Grid Introduces Spark Go Ultra-Portable Enhanced Guitar Amplifier

Published

5 hours ago

on

March 23, 2023

By

Positive Grid has a new ultra-portable version of its high-tech Spark guitar amp. Designed for musicians who need a versatile and powerful practice amp, the 3.5″ tall Spark Go works with a companion app loaded with virtual amps, pedals and other effects, and can even flesh out your sound with AI drums and other accompaniments. tools.

Like its predecessors, Spark Go is paired with an iOS/Android app to go far beyond enhancing your strumming and gaming; it digitally enlarges it. It includes 50,000 tones (ranging from boutique to modern), 33 amps and 43 effects and pedals, giving you many new ways to shape your sound. The app can even “jam with you” by listening to your playing and learning from it by creating an appropriate background track. And if you want to learn new tunes, the app can sync with Spotify or Apple Music to display AI-generated chords for the song you hear.

A 2021 review of the Spark Pearl (a larger model in the same line) by Engadget found the app to have some rough edges, including an unconvincing AI drummer. However, the company has had plenty of time to iron this out, so we reserve the right to judge the current iteration until we test it again. After all, you may have heard that generative AI has made some impressive leaps since then.

The amplifier has a solid construction and “extra hard grille” to (at least in theory) live up to its “on the go” brand; Positive Grid says it’s even suitable for pedalboarding. The company suggests laying it flat for omnidirectional sound, or placing it on the edge for “sound in the face.” In addition, it uses computational audio that delivers “surprisingly big, full sound” from its tiny body. (And you can plug in headphones to practice in private.) The amp’s battery supposedly lasts up to eight hours and charges via USB-C. Finally, it supports four presets when you find a mix you want to keep close at hand.

Positive Grid accepts early registration to be notified when Spark Go pre-orders go live. Whenever they open (the company hasn’t announced a date yet), the company will offer the amplifier at an aggressive $109 price point, although it will eventually increase to the recommended $149.

All products recommended by Engadget are selected by our editorial team independently of our parent company. Some of our stories contain affiliate links. If you buy something through one of these links, we may earn an affiliate commission. All prices are current at the time of publication.

Continue Reading

Trending

Copyright © 2023 Independent Post Media.