RootedCON 2025 | Gabriel Gonzalez | Madrid, Spain

Gabriel Gonzalez, IOActive Director of Hardware Security, will be speaking at this year’s RootedCON, taking place March 6 – 8 in Madrid, Spain.

“One of the first premises was to rigidly maintain the principle of neutrality that has characterized each of its editions. At Rooted CON, members of the security community, students, professionals, companies, hobbyists, state security forces, hackers and, why not, artists and academics could, can and will be able to speak and present their ideas.”

Gabriel’s Talk Focus:

The focus of this research was Lamassu’s Douro Bitcoin ATM, where we uncovered critical vulnerabilities (CVE-2024-0175, CVE-2024-0176, CVE-2024-0177) that let us take full control of the machine. Starting with just the same physical access as a regular user, we found that a small window during boot allowed access to the system’s terminal. From there, we used some clever tricks—like crafting a custom QR code to bypass the lack of a keyboard—to execute a payload and gain root access. In this talk, I’ll walk you through how we did it, what it means for ATM security, and how we can jackpot an ATM with just a QR code.