Bitcoin ATMs provide a convenient and friendly way for consumers to buy cryptocurrencies, according to a blog post by Kraken on Wednesday.
- Kraken Security Labs have identified multiple hardware and software vulnerabilities in popularly used cryptocurrency ATM: The General Bytes BATMtwo (GBBATM2).
- Multiple attack vectors were discovered through the default administrative QR code, the Android operating software, the ATM management system, and the hardware case of the machine.
- The team of Kraken Security Labs determined that a large number of ATMs are structured with the same default admin QR code, allowing any person with a QR code to go to the ATM and compromise it.
- The team found out a lack of secure boot processes as well as critical vulnerabilities in ATM management systems.
- Kraken Security Labs has two objectives in trying to identify crypto hardware vulnerabilities, namely creating awareness for users around possible security flaws and alerting the product manufacturers to remedy the issue.
Kraken Security Labs identified the vulnerabilities to General Bytes on April 20, 2021, and released patches to fix the backend system (CAS) and alert their customers. BTC USD up +3.77%