Security News

Bitcoin ATM firm Byte Federal hacked via GitLab flaw, 58K users exposed
2024-12-12 16:02

US Bitcoin ATM operator Byte Federal has disclosed a data breach that exposed the data of 58,000 customers after its systems were breached using a GitLab vulnerability. [...]

Criminals Are Blowing up ATMs in Germany
2024-10-28 16:12

It’s low tech, but effective. Why Germany? It has more ATMs than other European countries, and—if I read the article right—they have more money in them.

New Linux Variant of FASTCash Malware Targets Payment Switches in ATM Heists
2024-10-15 14:43

North Korean threat actors have been observed using a Linux variant of a known malware family called FASTCash to steal funds as part of a financially-motivated campaign. The malware is "installed...

New FASTCash malware Linux variant helps steal money from ATMs
2024-10-14 22:15

North Korean hackers are using a new Linux variant of the FASTCash malware to infect the payment switch systems of financial institutions and perform unauthorized cash withdrawals. [...]

FTC: Over $110 million lost to Bitcoin ATM scams in 2023
2024-09-03 20:40

​The U.S. Federal Trade Commission (FTC) has reported a massive increase in losses to Bitcoin ATM scams, nearly ten times the amount from 2020 and reaching over $110 million in 2023. [...]

Android malware uses NFC to steal money at ATMs
2024-08-22 09:00

ESET researchers uncovered NGate malware, which can relay data from victims’ payment cards via a malicious app installed on their Android devices to the attacker’s rooted Android phone. Attack...

“Grab hold and give it a wiggle” – ATM card skimming is still a thing
2023-08-15 20:18

Ironically, perhaps, bank cash machines, better known as ATMs, make a perfect location for card skimming equipment. ATMs almost always grab onto your card mechanically and draw it right into the machine, out of sight and reach.

Multiple Flaws Found in ScrutisWeb Software Exposes ATMs to Remote Hacking
2023-08-15 16:44

Four security vulnerabilities in the ScrutisWeb ATM fleet monitoring software made by Iagona could be exploited to remotely break into ATMs, upload arbitrary files, and even reboot the terminals. The issues have been addressed in ScrutisWeb version 2.1.38.

Attackers hit Bitcoin ATMs to steal $1.5 million in crypto cash
2023-03-23 09:02

According to General Bytes, the outfit that sold the ATMs and had managed some of them with a cloud service, the attackers used an interface designed to upload videos to instead inject a malicious Java application, and then subverted ATM user privileges. "The entire team has been working around the clock to collect all data regarding the security breach and is continuously working to resolve all cases to help clients back online and continue to operate their ATMs as soon as possible," General Bytes explained in a statement.

Hackers Steal Over $1.6 Million in Crypto from General Bytes Bitcoin ATMs Using Zero-Day Flaw
2023-03-21 06:55

Bitcoin ATM maker General Bytes disclosed that unidentified threat actors stole cryptocurrency from hot wallets by exploiting a zero-day security flaw in its software. "The attacker was able to upload his own java application remotely via the master service interface used by terminals to upload videos and run it using 'batm' user privileges," the company said in an advisory published over the weekend.