The vulnerability came to light in 2023 when a team of cybersecurity specialists from IOActive conducted an experiment by attempting to hack into the security systems of Lamassu Industries’ cryptomats. During the experiment, the researchers successfully identified and exploited multiple critical vulnerabilities, gaining remote access to the interface management.
Gunter Ollman, CTO of IOActive, stated that this exploit allowed them to surveil, intercept, and redirect sensitive transaction information during user operations. Furthermore, they were able to manipulate user actions by replacing the interface of the cryptocurrency machines, effectively acquiring all the bank account data and stealing assets.
In instances where physical access to a crypto ATM was possible, attackers not only had the ability to steal cryptocurrency assets but could also manipulate the device to drain all its cash or credit the account with an amount larger than what was actually deposited.
Lamassu Industries has recently announced that they have addressed the vulnerability by implementing software patches and modifications to their systems.
In a separate incident, a group of unidentified digital hackers managed to steal approximately 70,000 selfie portraits and confidential data belonging to over 300,000 clients of the Coin Cloud Bitcoin ATM network. This information was revealed by cybersecurity experts affiliated with the vx-underground group.