Report: Ready-to-Use Malware for Bitcoin ATMs Found for Sale Online
Tokyo-based security software manufacturer Trend Micro has found Bitcoin (BTC) automated teller machine (ATM) malware available for purchase online, according to a blog post published August 7.
In the blog post, Trend Micro cites an advertisement posted by an “apparently established and respected” user on a darknet forum. For the price of $25,000, criminals could purchase Bitcoin ATM malware accompanied by a ready-to-use card with EMV and near-field communication (NFC) capabilities.
EMV chips were originally developed by leading credit card providers to store data on integrated circuits rather than magnetic stripes, while NFC enables two electronic devices to wirelessly exchange information.
The malicious software reportedly exploits a Bitcoin ATM vulnerability, which allows fraudsters to receive the BTC equivalent of up to 6,750 U.S. dollars, euros, or pounds. According to Trend Micro, the seller has received over 100 online reviews both for the malware and other products.
Another forum thread showed that the seller also offers regular ATM malware that has been updated for EMV standards. Further research reportedly revealed that the malware exploits a menu vulnerability to disconnect an ATM from the network in order to disable alarms. In conclusion, Trend Micro suggested