Saturday, April 5, 2025
Follow us On Linkedin
HomeMalwareMalicious Hackers Selling Malware's Targeting Bitcoin ATMs in the Dark Web Forums

Malicious Hackers Selling Malware’s Targeting Bitcoin ATMs in the Dark Web Forums

Malware

Published on

By Gurubaran
Malicious Hackers Selling Malware’s Targeting Bitcoin ATMs in the Dark Web Forums

Supply Chain Attack Prevention

SIEM as a Service

Follow Us on Google News

As the popularity of cryptocurrencies increases attackers shifted the threat landscape cryptocurrencies, they try to exploit all the possible methods to mine and steal cryptocurrencies.

Security researchers from Trend Micro spotted Bitcoin ATM malware through underground forums that allow the user’s to steal bitcoins worth up to 6,750 in U.S. dollars. The malware sold by the dark web user or US$25,000.

Bitcoin ATM

Bitcoin ATM differs from the traditional ATM, it does not connect to a bank account, instead, it connects to the cryptocurrency exchange platform’s that used to buy and sell the cryptocurrencies.

As of now there 3,500 bitcoin ATMs installed around the world, among that 74% in North America. Users can access these ATMs to access the wallets used to store digital currencies by scanning the wallet address or its QR code.

Source : coinatmradar

Bitcoin ATM malware

Researchers spotted an established user offering Bitcoin ATM malware for sale in the underground forums that include the ready-to-use card with EMV and NFC payments support.

The malware is designed to exploit a service vulnerability that allows the user’s to receive bitcoins worth up to 6,750 in U.S. dollars. the seller advertised as “operation does not require any physical access and can be maintained as a normal purchase. Includes the multilanguage manual and Jabber support”

With further analysis, it reveals that the seller offers ATM malware at a regular basis and details on how the malware works and how to exploit the vulnerability.

Also, the researchers spotted the seller offers a range of financial-related malware and compromised accounts and keep on expanding his waves.

Since the start of 2018, those with one eye on the crypto world have noted one thing: coin hacks are becoming more common. As Bitcoin’s value raced towards the $10,000 mark towards the end of 2017, the risk/reward ratio for cybercriminals was too great to ignore.

Since from the start of 2018, the coin hacks are becoming more common. The Bitcoin’s value reached $10,000 mark towards the end of 2017 increases the ratio for cybercriminals was too great to ignore.

Also Read:

Hackers using .NET Malware Called “Evrial” to steals Bitcoins by Abusing the clipboard

North Korean Hacking Group “Lazarus” Targeting Banks & Bitcoin Users Via Sophisticated Malware

New Clipboard Malware Monitors the Windows Clipboard for Cryptocurrency Addresses and Replace its Own Address

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

Cyber Security News

Ivanti Fully Patched Connect Secure RCE Vulnerability That Actively Exploited in the Wild

Ivanti has issued an urgent security advisory for CVE-2025-22457, a critical vulnerability impacting Ivanti...
cyber security

Beware! Weaponized Job Recruitment Emails Spreading BeaverTail and Tropidoor Malware

A concerning malware campaign was disclosed by the AhnLab Security Intelligence Center (ASEC), revealing...
ChatGPT

EncryptHub Ransomware Uncovered Through ChatGPT Use and OPSEC Failures

EncryptHub, a rapidly evolving cybercriminal entity, has come under intense scrutiny following revelations of...
cyber security

PoisonSeed Targets CRM and Bulk Email Providers in New Supply Chain Phishing Attack

A sophisticated phishing campaign, dubbed "PoisonSeed," has been identified targeting customer relationship management (CRM)...

Supply Chain Attack Prevention

Free Webinar - Supply Chain Attack Prevention

Recent attacks like Polyfill[.]io show how compromised third-party components become backdoors for hackers. PCI DSS 4.0’s Requirement 6.4.3 mandates stricter browser script controls, while Requirement 12.8 focuses on securing third-party providers.

Join Vivekanand Gopalan (VP of Products – Indusface) and Phani Deepak Akella (VP of Marketing – Indusface) as they break down these compliance requirements and share strategies to protect your applications from supply chain attacks.

Discussion points

Meeting PCI DSS 4.0 mandates.
Blocking malicious components and unauthorized JavaScript execution.
PIdentifying attack surfaces from third-party dependencies.
Preventing man-in-the-browser attacks with proactive monitoring.

Register Now

More like this

cyber security

Beware! Weaponized Job Recruitment Emails Spreading BeaverTail and Tropidoor Malware

A concerning malware campaign was disclosed by the AhnLab Security Intelligence Center (ASEC), revealing...
cyber security

Beware of Clickfix: ‘Fix Now’ and ‘Bot Verification’ Lures Deliver and Execute Malware

A sophisticated browser-based malware delivery method, dubbed ClickFix, has emerged as a significant threat...
cyber security

DeepSeek-R1 Prompts Abused to Generate Advanced Malware and Phishing Sites

The release of DeepSeek-R1, a 671-billion-parameter large language model (LLM), has sparked significant interest...

GBHackers on Security is a top cybersecurity news platform, delivering up-to-date coverage on breaches, emerging threats, malware, vulnerabilities, and global cyber incidents.

Company

Trending

Categories

Copyright @ 2016 - 2025 GBHackers On Security - All Rights Reserved