Bitcoin machines are not yet a worthwhile target
Security experts have complained at a German hacking meeting that there are still major gaps in the security of classical ATMs. Bitcoin exchange machines, on the other hand, are still uninteresting for criminals. Bitcoin vending machines have been doing their work for the first time in commercial Vancouver. In Europe, for example, they entered Berlin, Helsinki and Stockholm. Crypto-gadget-based devices have so far not been seriously targeted by hackers. “We have not investigated such devices yet,” said Alexey Osipov of Kaspersky Lab’s IT security team yesterday at the 33rd Chaos Communication Congress (33C3) in Hamburg. Regular rights Exchange machines, which can be bought against cash bitcoins, are still very rare. They are, therefore, currently “not very interesting for criminals”.
The Russian anti-virus company had published an analysis in the spring, according to which nearly all classical ATMs are vulnerable to direct physical access beyond skimming as well as attacks from afar. Among other things, this has to do with the fact that on those devices “usually Microsoft Windows and often XP” runs, Osipov’s colleague Olga Kochetova explained to the assembled hacker community. The standard version of this operating system has not been supplied with security updates since 2014. Among other things, there is a lack of encryption.
The security expert introduced a demo video, in which an attacker installed an old malware on a PC in a cash machine, connected a Raspberry Pi microcomputer via a network cable, and could control the machine and free it with empty cards and PINs. “Jackpot”, she signaled, because after the clean up not even physical traces for investigators remained.by