Source image - www.r1news.com.br

On September 29, 2021, Kraken Security Labs said in a blog post that a commonly used model of bitcoin ATMs had several hardware and software vulnerabilities.

Founded in 2011, Kraken is a US-based crypto exchange platform and bank. They have also released several patches to solve the problem but more amendments may be required.

Bitcoin ATMs allow users to buy bitcoin. The second-largest manufacturer of Bitcoin ATMs, General Bytes, represents 22.7% of the global market.

According to Kraken, The model BATMTwo (GBBATM2), had several problems. Some of them included the underlying Android operating software, a default administrative QR code, the machine’s hardware case, and the ATM’s management system.

Kraken has said that several US Bitcoin ATMs still are using the default admin QR codes. It has urged such ATM owners to change the admin QR code to avoid potential attacks on their ATMs.

The blog post posted on Wednesday reads “Multiple attack vectors were found through the default administrative QR code, the Android operating software, the ATM management system and even the hardware case of the machine,”

Mostly, BATM ATMs are located in the Canada and US, with a total number of almost 5,300. Europe has around 824 such ATMs installed.

General Bytes has reported, “Kraken Security Labs reported the vulnerabilities to General Bytes on April 20, 2021, they released patches to their backend system (CAS) and alerted their customers, but full fixes for some of the issues may still require hardware revisions.”

Rushali Das

CBW - External Analyst

INDIA