Good day everyone,
I hope you are all well and had an excellent weekend. Welcome to CryptoGod-1’s blog on all things crypto. In this post I will be looking at the news of the recent fix to the Bitcoin ATMs of Lamassu Industries.
Lamassu Industries
The Bitcoin ATM maker Lamassu Industries has announced that it has fixed a vulnerability in its Bitcoin ATMs which could have allowed hackers to take 'full control' of the machines. Back in 2023 a team of ethical hackers from security firm IOActive attempted to compromise Lamassu’s Bitcoin ATMs, and in doing so they brought the potential flaw to light. During the ethical hack the team identified and exploited several vulnerabilities that allowed them to gain full control over the ATMs, which can be seen in the video below.
The CTO of IOActive, Gunter Ollmann, explained that by executing the exploit they were able to both view and manipulate interactions with the hijacked ATM. This would therefore have allowed hackers to potentially steal Bitcoin from users' wallets. Ollmann noted that a sophisticated attacker could modify the entire user experience, tricking users into performing actions such as entering bank account details. This means they could have potentially stolen a lot more than just Bitcoin. Ollmann went on to assure the community that the attack’s impact would be limited to a user’s account balance, but he did warn that the potential for social engineering was significant.
The Director of Hardware Security at IOActive, Gabriel Gonzalez, noted that the vulnerability could grant an attacker “full control” over a physical ATM. The hackers could have used the vulnerability to drain all the money in the ATM and manipulate the note reader to display inaccurate deposit amounts. If a Bitcoin ATM was left unattended, the potential for a hacker to manipulate it and do as they pleased was a very real threat.
Lamassu Industries responded to the discovery of flaws in their system by deploying a security patch to fix the vulnerabilities before they were publicly disclosed in 2024. All owners of the Bitcoin ATMs were also told to update their software.
Globally the number of Bitcoin ATMs dropped during 2023, after over a decade of rising numbers year on year. According to data from Coin ATM Radar, this fall has been attributed to a notably lower number of machines in the US from 2022 to 2023. Other regions in the world have seen their number of Bitcoin ATMs rise in the same period of time. According to their data the United States accounts for 82% of the world's Bitcoin ATMs, which equates to 27,621 installed machines as of the end of 2023.
Have a great day.
Peace. CryptoGod-1.