Bitcoin ATM Malware for Sale on the Dark Web

With every financial revolution there comes criminality. Unfortunately, this time around criminals are coming for cryptocurrencies. Recently, 200,000 MikroTik routers were compromised and hackers implemented secret mining scripts that turn the user’s network into one big crypto mine. Now hackers have created a Near Field Communications (NFC) enabled card, complete with EMV capabilities, that can steal money from crypto ATMs. It exploits a bug in the operating system that enables more than just a wallet ID to be transferred by NFC.
NFC points are usually programmed to only accept a certain type of traffic; however, it appears that hackers have discovered that some Bitcoin ATMs do not enforce this restriction. This has allowed them to load the malware into the system and grab the BTC equivalent of $6,750.

A New Attack on Crypto

Given that the crypto world is still young and growing, there are bound to be teething issues and bugs in the system. Unfortunately, a small handful of individuals exploit these growing pains rather than reporting them to manufacturers for a bug bounty. Crypto is no stranger to attacks by criminals: a large number of exchanges have been hit by attacks in recent months, and some have even had to close due to the losses incurred. Most recently, hackers exploited a bug in one of Bancor’s smart contracts and managed to withdraw $23.5 million in various cryptos. A more common type of crypto attack is cryptojacking. In China, cryptojackers infected nearly 1 million computers and managed to mine over $2 million worth of various cryptos over a two-year period.

Only a Matter of Time

As crypto ATMs become more common around the world, it was only a matter of time before hackers decided to turn their attention to them. Most recently, Malta installed its first two-way Bitcoin ATM in Sliema. The hacker behind the new cards is selling them for $25,000 each and currently has over 100 positive reviews. If each of those reviewers used the card once, that is still $6,750 worth of cryptos stolen. However, the likelihood is that the people who bought the card have used it multiple times, so they can make their money back and a profit on the side. The actual figure for total theft of Bitcoin through this new card is likely to be closer to $20 million currently, and unless the security flaw is fixed quickly, this figure could escalate.

Crypto Isn’t Alone

While some critics will be swift to hurl abuse at the crypto world and try to say that Bitcoin isn’t safe, the hacker also sells a card that gives users the ability to hack fiat ATMs. Using almost identical technology, the fiat ATM card malware puts the ATM into maintenance mode, disabling all of its alarms. Users can then select to withdraw vast sums of cash and escape. The issue with cash being stolen is that it can’t be tracked. Thankfully, Bitcoin – and all other cryptos for that matter – have their entire transaction history on a public blockchain. This means that the stolen funds can be traced back and eventually recovered – with some government help of course.
Thanks to its superior technology, the stolen Bitcoin will eventually be recovered, and hopefully the Bitcoin ATM providers will roll out a security update to fix the bug. In the meantime, Bitcoin ATM providers could disable the NFC feature of their ATMs to keep their machines safe. While this will irritate a few customers, it is better than losing funds, so we certainly hope that they do it.