Bitcoin (BTC) ATM provider Lamassu Industries has discovered a flaw in its Bitcoin ATMs. Gunter Ollman, chief technology officer at IOActive, said the vulnerabilities allowed attackers to easily steal Bitcoins from users via the ATM.
Blackrock’s Bitcoin ETF hits $1 billion milestone
Hackers could have gained full access
The Lamassu Industries vending machine Bitcoin flaw gave hackers unfettered access to steal Bitcoin from users. Ollman further said that the flaw allowed attackers to view and manipulate the ATM. He also stated the following:
“With sufficient preparation, a hacker could alter or replace the entire ATM user experience. The user can be manipulated to perform additional actions.”
Additional actions include, for example, additionally entering bank account information to receive offers. According to Ollman, these offers are free Bitcoin or a discount when purchasing Bitcoin. Additionally, Gabriel Gonzalez, director of hardware security at IOActive, said that the Crypto Machine could also be emptied. For example, hackers could mislead the user by displaying a higher amount of money than was actually deposited.
Ethical hackers find vulnerabilities
A team of ethical hackers from IOActive have found several vulnerabilities. An ethical hacker is someone who looks for vulnerabilities in software and hardware and properly reports them to companies or governments.
Last year, ethical hackers attempted to gain access to Bitcoin ATMs to identify any vulnerabilities. This worked and they were able to gain access to the ATM camera, for example, as shown in the photo below.
Bitcoin receives significant criticism from JPMorgan CEO
Bitcoin ATM bug fixed
Although the ATM error could have potentially had serious consequences for users, it has since been resolved. The ATM provider implemented a security patch before publicly disclosing the flaw.
Lamassu Industries has also warned ATM owners and indicated that they will adjust security measures. This prevents hackers from gaining access in the future.
Post views: 0