Becoming Rich with Just One QR Code | Antonio Requena 

August 10 | 5:00pm - 6:00pm

ABSTRACT:

Security in ATMs is a topic that has been discussed several times in the past. However, Bitcoin ATM security is an area that has not been fully explored yet: How do these devices work? Are they secure? How easy is it to achieve full control of them? These are the points that will be discussed during the talk.

In this presentation we’ll present a whitepaper covering the most common security issues we've discovered in ATMs in recent years and how they can be applied to cryptocurrency ATMs.

We’ll present three new CVEs (CVE-2024-0175, CVE-2024-0176, CVE-2024-0177) that can be chained to achieve full control over the Bitcoin ATMs developed by Lamassu, and we’ll shown how, with simple physical access, an attacker can conduct a full jackpot of the ATM*.

We will also explore potential new attacks that can be carried out against cryptocurrency ATMs, and their main differences in terms of security.

Antonio Requena, Senior Security Consultant

Antonio is an experienced senior consultant with a strong background in reverse engineering, malware analysis, incident response, and penetration testing. Antonio has worked with major firms, including Deloitte and Santander Bank, developing threat intelligence programs related to malware analysis, Command and Control (C&C) takedowns and threat actor tracking.

.    .   

@2024 IOActive inc. All Rights Reserved

Privacy Policy

Terms of Use

Disclosure Policy

SERVICES

Full Stack Security Assessments

Secure Development Lifecycle

Red and Purple Team Services

Advisory Services

RESOURCES

Blogs

Disclosures

Library

IOActive Labs

INDUSTRIES

Critical Infrastructure

Energy

Financial Services

Healthcare

Manufacturing

Media & Entertainment

Retail & Consumer Products

Technology

Telecommunications

Transportation

WHO WE ARE

Team

Philanthropy

Press

Events

CAREERS

Contact Us