09 Aug 2018 · 1 min read

Bitcoin ATM Malware Emerges: Security Firm

Malware tailored for bitcoin ATMs have been made available for sale on “the dark web” – the term used to describe underground websites selling various illegal goods and services, IT security firm Trend Micro claims.

Source: iStock/MartialRed

While regular ATMs have long been a target for criminals, fraud related to bitcoin ATMs have so far not become much of a thing. Now, according to the firm, it turns out that for about USD 25,000, criminals can purchase bitcoin ATM malware through online forums. The software reportedly allows a fraudster to receive bitcoins worth up to USD 6,750 each time it is used, by “exploiting a service vulnerability in the bitcoin ATM.”

According to the seller, the malware ships with a card with a built-in chip and near field communication functionality (NFC) “ready-to-use,” and “does not require any physical access.”

The same seller, which appears to be a well-respected member of an underground online forum, also offers various forms of malware for traditional bank ATMs, as well as forged documents on everything from taxes to credit reports.

The particular seller has reportedly received over 100 reviews from customers online, indicating that the expensive piece of malware has generated a substantial income for him, and that it is already being used in several locations around the world.

In conclusion, Trend Micro wrote that “as long as there is money to be made — and there is quite a bit of money in cryptocurrencies — cybercriminals will continue to devise tools and to expand to lucrative new markets.”

At the press time, there were 3,522 Bitcoin ATM's around the world, according to coinatmradar.com data. 74% of them are in North America.

Number of Bitcoin ATM Installed Over Time

Source: coinatmradar.com

In the past, ransomware attacks involving payments in cryptocurrency have been a major problem worldwide. As Cryptonews.com reported on Tuesday, ransomware payments reached at least BTC 22,967 from 2013 to mid-2017, per a research report from TITANIUM, an international project focused on crime and terrorism involving virtual currencies and underground market transactions.