立刻保护您的项目
借助最大的web3安全提供商来增强您的项目。
CertiK 安全专家将审核您的请求,并尽快与您联系。
强调

Skynet Crypto ATM Fraud Report

报告 ·安全报告 ·
Skynet Crypto ATM Fraud Report

DOWNLOAD the full report here!

Executive Summary

Crypto ATM fraud is one of the fastest-growing financial crime categories in the United States. Criminal organizations exploit the speed and pseudonymity of crypto kiosks to extract funds from vulnerable populations at an accelerating pace. In the Skynet Crypto ATM Fraud Report, we discuss types of crypto ATM attacks, global statistics, attacker profiles, key enforcement actions, detection and mitigation strategies, and recommendations to protect against these types of fraud.

Key Takeaways

  • Losses at crypto ATMs surged to $333.5 million in 2025, driven by the machines’ speed and irreversibility. The FBI recorded over 12,000 complaints between January and November 2025, a 33 percent increase over the prior year. The United States hosts 78 percent of the world's 45,000 crypto ATMs, and the machines' ability to convert cash to crypto in under five minutes with minimal identity verification makes them the lowest-friction extraction channel available to scammers.
  • Crypto ATMs function as frontend terminals, not standalone devices, and this architecture creates a critical forensic gap. Each kiosk routes transactions through a backend Crypto Application Server (CAS) that releases funds from the operator's commingled hot wallet. The public blockchain records only the operator-to-destination transfer, not the victim's identity. This Attribution Gap means law enforcement must subpoena operator CAS logs to link a physical cash deposit to an on-chain transaction, and the only effective technical intervention is real-time wallet screening at the CAS before the transaction is broadcast.
  • Older adults account for 86 percent of losses, and existing kiosk-level safeguards are failing. The D.C. Attorney General's case against Athena Bitcoin found that 93 percent of deposits on the company's machines were tied to fraud, with a median victim age of 71. On-screen warnings proved ineffective when victims were simultaneously being coached by a scammer on a live call. The case signals that operator awareness of fraud without adequate remediation may trigger enforcement under consumer protection and elder abuse statutes.
  • Transnational criminal organizations are industrializing ATM-based extraction at unprecedented scale. Attackers operate structured organizations with specialized divisions for lead generation, social engineering, and post-transaction laundering. Asian money laundering networks processed an estimated $16.1 billion in illicit crypto flows in 2025, clearing transactions in under two minutes through Telegram-coordinated services based in Southeast Asia.
  • AI-augmented deepfakes and distributed low-value transaction models will erode current defenses. AI-enabled scams were 4.5 times more profitable than traditional methods in 2025. As states implement transaction caps, criminal networks are pivoting to coordinated low-value deposits across dispersed kiosks, staying below regulatory thresholds while maintaining aggregate volume. The legislative response, with at least 14 states enacting or proposing crypto ATM-specific rules, remains fragmented.

Read the full report to learn more about the current state of crypto ATM fraud and what you can do to protect yourself against attacks.

FAQs

How much money was lost to Crypto ATM fraud in 2025?

Losses due to crypto ATM fraud reached $333.5 million in 2025. In our report, we reveal that this massive surge was driven by the machines’ rapid speed and irreversible transactions.

Who is the primary target of Crypto ATM scams?

Older adults comprise 86% of victims. Regarding victim demographics, CertiK's threat intelligence indicates that scammers specifically target this vulnerable population, exploiting them with a median victim age of 71.

What is the "Attribution Gap" in Crypto ATMs?

The attribution gap is the disconnect between physical depositors and on-chain wallets. This forensic hurdle, a concept highlighted in Skynet’s analysis, occurs because ATMs route transactions through centralized backend servers.

How are AI deepfakes changing Crypto ATM fraud?

AI deepfakes make scams 4.5 times more profitable. CertiK's data reveals that transnational networks utilize these sophisticated AI tools to industrialize extraction and bypass traditional security warnings effectively.

相关博客

2026 Skynet Prediction Markets Report
报告 ·行业研究

2026 Skynet Prediction Markets Report

Prediction markets crossed into the mainstream in 2025, with annual trading volume growing 4x and a small number of dominant platforms emerging. Kalshi, Polymarket, and Opinion now control the vast majority of global volume, each pursuing distinct regulatory and technical strategies.

Skynet Wrench Attacks Report
报告 ·安全报告

Skynet Wrench Attacks Report

In 2025, wrench attacks unfortunately crossed a critical threshold. What was once treated as an edge-case risk has become a structural threat to digital asset ownership. Attackers are no longer acting opportunistically; they are operating as organized, transnational groups that combine OSINT-driven targeting, social engineering, and extreme physical violence to extract private keys.

Hack3d: The Web3 Security Report 2025
报告 ·安全报告

Hack3d: The Web3 Security Report 2025

Welcome to the 2025 Skynet Hack3D Report! This report offers deep dives into the exploits, vulnerabilities, and trends that define blockchain and smart contract security. They’re an invaluable resource for anyone seeking to understand the current landscape of Web3 security. Each report contains detailed incident analyses, technical insights, and the most comprehensive statistics on hacks, scams, and exploits in the entire Web3 industry.