TOPIC:

Vulnerable: Kraken reveals many US Bitcoin ATMs still use default admin QR codes 1 week 2 days ago #235

  • randy
Kraken has urged BATMTwo ATM owners and operators to change the admin QR code for their ATMs to avoid potential attacks.
Kraken Security Labs has said that a “large number” of Bitcoin (BTC) ATMs are vulnerable to hacking, as the administrators never changed the default admin QR code.

In a Wednesday blog post, Kraken posted research from its Security Labs team, which found that there are “multiple hardware and software vulnerabilities” in the General Bytes BATMTwo ATM range.

“Multiple attack vectors were found through the default administrative QR code, the Android operating software, the ATM management system and even the hardware case of the machine,” the post read.

Kraken’s security team stated that if a hacker gets their hands on the administrative code, they can essentially “walk up to an ATM and compromise it,” while also highlighting issues with the BATMTwo’s lack of secure boot mechanisms, as well as “critical vulnerabilities” in the ATM’s management system. However, General Bytes has reportedly already alerted ATM owners to the vulnerabilities:

“Kraken Security Labs reported the vulnerabilities to General Bytes on April 20, 2021, they released patches to their backend system (CAS) and alerted their customers, but full fixes for some of the issues may still require hardware revisions.”

Source: preiposwap.com/vulnerable-kraken-reveals...ault-admin-qr-codes/


Vulnerable: Kraken reveals many US Bitcoin ATMs still use default admin QR codes 1 week 2 days ago #236

Thanks for the information
I would like to add some more info here.

Kraken Security Labs has said that a “large number” of Bitcoin ATMs are vulnerable to hacking as the administrators never changed the default admin QR code.
In a Sept. 29 blog post, Kraken posted research from its Security Labs team which found that there are “multiple hardware and software vulnerabilities” in the General Bytes BATMTwo ATM range.


Vulnerable: Kraken reveals many US Bitcoin ATMs still use default admin QR codes 1 week 2 days ago #237

“A number of assault vectors had been discovered via the default administrative QR code, the Android working software program, the ATM administration system and even the hardware case of the machine,” the publish learn.

Kraken’s safety workforce acknowledged that if a hacker will get their arms on the executive code, they will basically “stroll as much as an ATM and compromise it,” whereas additionally highlighting points with the BATMTwo’s lack of safe boot mechanisms, in addition to “important vulnerabilities” within the ATM’s administration system. Nevertheless, Common Bytes has reportedly already alerted ATM homeowners to the vulnerabilities:


Vulnerable: Kraken reveals many US Bitcoin ATMs still use default admin QR codes 1 week 2 days ago #238

The staff additionally discovered that it was capable of achieve full entry to the Android working system behind the BATMTwo ATM by merely attaching a USB keyboard to the machine, and warned that “anyone” may “install applications, copy files or conduct other malicious activities.”

General Bytes is headquartered within the Czech Republic and, in line with Coin ATM Radar, there are at present 6391 General Bytes ATMs installed worldwide, which represents 22.7% of the global market. However, these figures additionally account for BATMThree machines which weren’t reported on by Kraken.


Vulnerable: Kraken reveals many US Bitcoin ATMs still use default admin QR codes 1 week 2 days ago #239

The team also found that they were able to gain full access to the Android operating system behind the BATMTwo ATM by simply plugging a USB keyboard into the device and warned that “everyone” was installing apps, copying files, or any other malicious activity that could be done. General Bytes is headquartered in the Czech Republic and currently has 6,391 General Bytes ATMs worldwide, according to Coin ATM Radar, which makes up 22.7% of the world market. However, the figure also takes into account the BATThree engine which Kraken has not yet reported on. Most of the BATM ATMs are located in the US and Canada with a total of about 5,300, while in Europe there are about 824 ATMs installed. Kraken urges BATMTwo owners and operators to change the default administrator code, update CAS servers and make ATMs visible to security cameras.
