Bitcoin ATMs Loaded With Vulnerabilities, Kraken Reveals

  • Kraken Security Labs has discovered a number of security vulnerabilities in a commonly used Bitcoin ATM model.
  • The findings include possible software and hardware weaknesses.
  • Crypto ransomware attacks have increased by 300% over the last year and a half.

Kraken Security Labs has discovered a number of security vulnerabilities in a commonly used Bitcoin ATM model. The findings include possible software and hardware weaknesses.

Kraken Security Labs, the security arm of the crypto exchange Kraken, has found that a particular Bitcoin ATM model, the General Bytes BATMtwo (GBBATM2), has multiple vulnerabilities. The report asserted:

“Multiple attack vectors were found through the default administrative QR code, the Android operating software, the ATM management system and even the hardware case of the machine.”

GBBATM2’s Widespread Vulnerabilities

Firstly, the majority of the Bitcoin ATMs use the default “Administration Key” QR code. “When reviewing the code behind the admin interface, we found that it contains a hash of a default factory setting administration key. We purchased multiple used ATMs from different sources and our investigation revealed that each had the same default key configuration,” the report revealed.

This means that anyone with the default QR-code can take over the ATM and change its management server address.
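
For operators, the finding above translates into a fleet check: no unit should still carry the factory-default administration key, and no two units should share one. The following is an added example, not code from Kraken's report or from General Bytes; the inventory format, serial numbers, key strings and the use of SHA-256 are all assumptions made for illustration.

```python
import hashlib
from collections import defaultdict


def sha256_hex(value: bytes) -> str:
    return hashlib.sha256(value).hexdigest()


# Constructed sample data. The key strings, serials and the choice of SHA-256
# are assumptions for illustration; none of them come from the report.
FACTORY_DEFAULT_HASHES = {sha256_hex(b"EXAMPLE-FACTORY-DEFAULT-KEY")}
INVENTORY = [
    {"serial": "ATM-0001", "admin_key_hash": sha256_hex(b"EXAMPLE-FACTORY-DEFAULT-KEY")},
    {"serial": "ATM-0002", "admin_key_hash": sha256_hex(b"unique-key-0002")},
    {"serial": "ATM-0003", "admin_key_hash": sha256_hex(b"operator-key-A")},
    {"serial": "ATM-0004", "admin_key_hash": sha256_hex(b"operator-key-A").upper()},
    {"serial": "ATM-0005", "admin_key_hash": ""},
]


def normalize(hash_value):
    """Hex digests may be exported in mixed case or with stray whitespace."""
    return (hash_value or "").strip().lower()


def audit_admin_keys(inventory, default_hashes):
    """Map serial -> finding for units whose admin key is default, shared or unset."""
    defaults = {normalize(h) for h in default_hashes}
    units_by_hash = defaultdict(list)
    for unit in inventory:
        digest = normalize(unit.get("admin_key_hash"))
        if digest:
            units_by_hash[digest].append(unit["serial"])

    findings = {}
    for unit in inventory:
        serial = unit["serial"]
        digest = normalize(unit.get("admin_key_hash"))
        if not digest:
            findings[serial] = "no-admin-key-recorded"
        elif digest in defaults:
            findings[serial] = "factory-default-key"
        elif len(units_by_hash[digest]) > 1:
            others = [s for s in units_by_hash[digest] if s != serial]
            findings[serial] = "key-shared-with:" + ",".join(others)
    return findings


if __name__ == "__main__":
    for serial, finding in sorted(audit_admin_keys(INVENTORY, FACTORY_DEFAULT_HASHES).items()):
        print(serial, finding)
```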

Moreover, the Bitcoin ATM compartment is protected by only a single tubular lock, making it relatively easy to backdoor the device. The GBBATM2 also has no local or server-side alarm to notify the owner when someone accesses the internal components.

So far, the vulnerabilities would allow an attacker to “compromise the cash box, embedded computer, webcam, and fingerprint reader,” which would allow them to collect sensitive user information. However, the vulnerabilities don’t end here, as there are multiple security risks with the ATMs’ Android operating system.

Kraken claims that BATMtwo’s Android operating system lacks many rudimentary security features. “We found that by attaching a USB keyboard to the BATM, gaining direct access to the full Android UI is possible – allowing anyone to install applications, copy files or conduct other malicious activities (such as sending private keys to the attacker),” the report asserted.

Crypto Ransomware Attacks Have Increased by 300%

The Bitcoin ATM vulnerabilities come to light at a time when crypto-ransomware attacks have reached a new record level, rising by over 300% in the past year and a half. According to a report by Chainalysis, ransomware payments have surpassed $400 million.

Recently, a number of ransomware attacks shocked the world. On May 7, Colonial Pipeline, the largest petroleum pipeline in the US, revealed that it had been the victim of a cybersecurity attack. While the FBI managed to recover some of the paid ransom, the prolonged shutdown of the systems had already caused a number of problems.

To address these rising concerns, the US Department of the Treasury’s Office of Foreign Assets Control (OFAC) has issued an updated advisory, discouraging ransom payments while asking corporations to revisit their security measures and make sure they are safe.