Crypto Users Beware: Trend Micro Discovers Bitcoin ATM Malware In Underground Markets
Tokyo-based security software manufacturer Trend Micro has found Bitcoin (BTC) automated teller machine (ATM) malware available for purchase online.
For evidence, Trend Micro cites an advertisement posted by an apparently established and respected user on a darknet forum. For the price of $25,000, criminals could purchase Bitcoin ATM malware accompanied by a ready-to-use card with EMV and near-field communication (NFC) capabilities.
“Regular ATMs are popular targets for cybercriminals, and we have recently noted a shift away from physical tools such as skimmers to malware-based attacks. Bitcoin ATM malware has so far been much less talked about, perhaps because of the relatively low number of machines currently available globally,”
they wrote. Adding,
“While searching through underground forums, we noticed an apparently established and respected user offering Bitcoin ATM malware.”
Bitcoin ATMs differ from regular ATMs in that there are no set security or verification standards. To use one, a person is required to use his or her identity card and mobile numbers for identity verification, unlike the debit and credit cards used in regular ATMs. The user is then required to input his or her wallet address or scan a provided QR code with his or her mobile phone.
Adding to the problem, crypto wallets are freely available for download from app stores, which piles on to the lack of standards. This makes Bitcoin ATMs a fertile ground for cybercriminals.
The increased popularity of crypto-focused malware stems from the increased popularity of digital currencies in the past year as well as a marked increase in the real-world use of cryptos. It’s, therefore, no surprise that malware targeting Bitcoin ATMs has popped up in underground markets. This is natural and expected. As cryptocurrencies attract more users and their market capitalization continues to grow, the cryptocurrency field should expect to see an increase in mass infections.