Bitcoin ATMs Targeted by Malware for Sale in Underground Markets

Malware aimed at Bitcoin ATMs is being sold in underground markets, according to Trend Micro security researchers. For $25,000, malware exploiting a service vulnerability allows users to nab bitcoin price equivalent in euros, USD, or British pounds.

Also read: Bitcoin’s Hopeful Numbers: 70% Familiar in the United States

For $25,000, Bitcoin ATM Malware is Available on Underground Markets

Senior Threat Researcher at Trend Micro, the firm alerting enthusiasts, Fernando Mercês, explained, “Unlike regular ATMs, there is no single set of verification or security standards for Bitcoin ATMs. For example, instead of requiring an ATM, credit, or debit card for transactions, a Bitcoin ATM involves the use of mobile numbers and ID cards for user identity verification.”

“The user then has to input a wallet address or scan its QR code,” Mr. Mercês continued. “The wallets used to store digital currencies are not standardized either and are often downloaded from app stores, posing another security problem.” Crypto is bought through Near-Field Communication, Europay, and Visa/Mastercard pre-written cards sold to malware purchasers.

Bitcoin ATMs are cresting at something close to 3,500 around the world, and, of course, malware is borderless. This particular strain is limited to languages such as German, English, and Russian. These tongues correspond to where Bitcoin ATMs are mostly clustered, as the devices are not evenly distributed.

Popularity Breeds Criminal Attention

Adoption in German speaking nations runs about 150 devices over 30 locations. For Russian speakers in the Federation and Ukraine, more than four dozen locations house machines with which such malware would be a potential threat. English speaking countries are the most target rich, as between the United Kingdom (171) and the United States (2,166) they house more than 2,300 Bitcoin ATMs.

Researchers stress standardization, the absence of it in fact, is among the biggest problems facing Bitcoin ATM security. Trend Micro claims sellers of the malware have been reviewed more than 100 times, which might mean the information is spreading. Sellers have openly sought to split the malware’s fee among conspirators, offering something akin to a revenue sharing scheme.



Trend Micro concluded, “As long as there is money to be made — and there is quite a bit of money in cryptocurrencies — cybercriminals will continue to devise tools and to expand to lucrative new ‘markets.’ As the number of Bitcoin ATMs grows, we can expect to see more forms of malware targeting cryptocurrency ATMs in the future.”



Would you or have you used a Bitcoin ATM? What was your experience like? Let us know in the comments section below.

Images courtesy of Shutterstock and Trend Micro for insets.

Need to calculate your bitcoin holdings? Check our tools section.