BTC -1.07%
$62,400.54
ETH -0.96%
$2,425.43
SOL -2.39%
$143.20
PEPE -6.90%
$0.0000095
SHIB -3.58%
$0.000017
BNB -0.01%
$570.60
DOGE -3.87%
$0.10
XRP -0.76%
$0.52
Pepe Unchained ($PEPU)
The Hottest Presale

Bitcoin ATM Vulnerability Fixed: Hackers Could Have Gained ‘Full Control’

Bitcoin
Last updated:
Author
Author
Fredrik Vold
Last updated:
Why Trust Cryptonews
With over a decade of crypto coverage, Cryptonews delivers authoritative insights you can rely on. Our veteran team of journalists and analysts combines in-depth market knowledge with hands-on testing of blockchain technologies. We maintain strict editorial standards, ensuring factual accuracy and impartial reporting on both established cryptocurrencies and emerging projects. Our longstanding presence in the industry and commitment to quality journalism make Cryptonews a trusted source in the dynamic world of digital assets. Read more about Cryptonews

Bitcoin

ATM maker Lamassu Industries has successfully addressed a vulnerability that could have granted hackers “full control” over its Bitcoin ATM machines.

The flaw came to light when a team of ethical hackers from security firm IOActive attempted to compromise Lamassu’s Bitcoin ATMs in 2023.

During the process, which the team has documented online, the researchers identified and exploited several vulnerabilities that allowed them to gain full control over the ATMs.

See how IOActive’s researchers took advantage of the vulnerability in the video below:

In comments shared with Cointelegraph, Gunter Ollman, CTO of IOActive, explained that through the exploit, attackers could “view and manipulate interactions with the hijacked ATM.”

This meant that hackers had the potential opportunity to steal Bitcoin from users’ wallets by taking advantage of the identified vulnerabilities.

According to Ollman, a sophisticated attacker could modify the entire user experience, tricking users into performing actions such as entering bank account details.

Ollman assured the community that the attack’s impact would be limited to a user’s account balance, but the potential for social engineering was significant.

Bitcoin ATM Vulnerability Gave Hackers ‘Full Control’

Gabriel Gonzalez, Director of Hardware Security at IOActive, commented that the vulnerability could grant an attacker “full control” over a physical ATM machine.

This included the ability to drain all the money in the ATM and manipulate the note reader to display inaccurate deposit amounts, he said.

The security researchers noted the severity of the vulnerabilities, especially if the ATMs were left unattended in various locations.

Lamassu Industries responded promptly to the findings, deploying a security patch to fix the vulnerabilities before they were publicly disclosed in 2024, and told owners of their Bitcoin ATMs to update their software.

Number of Bitcoin ATMs in decline

As reported earlier this month, the number of installed Bitcoin ATMs worldwide fell in 2023 after having risen every year for more than a decade.

According to data from Coin ATM Radar, the fall was attributed to a notably lower number of machines in the US from 2022 to 2023, while several other regions of the world saw an increasing number of machines.

Crypto ATMs in the US
Source: Coin ATM Radar

The US accounts for 82% of all installed Bitcoin ATMs globally, with 27,621 installed machines as of the end of last year, per Coin ATM Radar’s data.

More Articles

Blockchain News
Assetera and Archax Team up to Distribute Tokenized Assets in Europe 
Tanzeel Akhtar
Tanzeel Akhtar
2024-10-08 09:00:00
Bitcoin News
U.S. Spot Bitcoin ETFs See $235M in Net Inflows, Extending Positive Streak to Two Days
Ruholamin Haqshanas
Ruholamin Haqshanas
2024-10-08 07:40:16