Bitcoin ATMs are a rapidly growing presence in the United States and, some experts say, a rapidly growing cybercrime menace. ATMs dealing in bitcoin are similar to their cash cousins: there are PINs to punch and withdrawal fees, just like any other ATM.
Unlike cash ATMs, though, the high value of crypto makes them prime targets for hackers. So, while a cash ATM tucked away between the snack cakes and energy drinks at a gas station may not draw much attention, a bitcoin ATM gets more scrutiny from bad actors.
“It’s clear that these machines are particularly vulnerable to both physical and cyber threats, making them a prime target for hackers and thieves,” said Timothy Bates, clinical professor of cybersecurityat the University of Michigan’s College of Innovation and Technology.
Bitcoin ATMs can be susceptible to attacks where hackers install malware on the machines to capture private keys, steal funds, or manipulate transactions, which Bates said is “especially concerning for ATMs that may not receive regular software updates or security patches.” Network vulnerabilities are also a weak spot. “If the machine’s network communications are not adequately secured, attackers can intercept data transfers between the ATM and the server, leading to data theft or unauthorized access,” Bates said.
Whether it’s hackers or scammers, the government is sounding the alarm about bitcoin ATMs. The Federal Trade Commission reported this week that scam incidents have risen by 1,000% since 2020.
Ironically, a bitcoin ATM’s risks are directly related to its strengths, according to Joe Dobson, principal analyst at Mandiant, a Google Cloud-owned cybersecurity company. Bitcoin is decentralized, permission-less, and immutable. “A transaction cannot be reversed or recalled if funds are deposited to the wrong address,” Dobson said. And while many crypto bulls find bitcoin’s lack of governance appealing, that can be problematic in ATMs. “There is no governing body within bitcoin dictating who can or cannot run a bitcoin ATM, hence many independent organizations operate the ATMs,” Dobson said.
There are also old criminal tricks that might be reversible in a traditional banking situation, but in the world of bitcoin, that is not so. For example, someone could maliciously slip their personal deposit slips into the stack at the bank, tricking folks into depositing money into their account. “A similar attack can happen with bitcoin ATMs,” Dobson said. “If an attacker compromises a bitcoin ATM, they may change the receiving wallet address (or ‘account number’), effectively stealing user funds.”
But in addition to old tricks, there are newer threats bitcoin ATMs introduce that cash ATMs do not face. Many bitcoin ATMs require personally identifiable information, such as an ID or even a Social Security number to comply with financial industry Know Your Customer (KYC) requirements. This information could be at risk if a bitcoin ATM is compromised.
In Middletown, Ohio, at the Middletown Food Mart in a hollowed-out end of town, a Bitcoin Depot ATM sits opposite a regular cash ATM, blending in among the potato chips, bottled water, and beer. Middletown’s claim to fame lately is as the hometown of Donald Trump’s running mate Ohio Senator J.D. Vance, who has refashioned himself, similar to Trump, as a pro-cryptocurrency warrior. The Middletown Food Mart sits across the street from where Vance grew up.
‘Elon Musk told me to do it.’
Sai Patel, whose family owns Middletown Food Mart, says the bitcoin ATM isn’t very busy.
“Maybe once a month someone comes in to use it,” Patel said. And if it is someone new, Patel will patiently explain how the machine works. He also keeps an eye out for unusual activity. Although the bitcoin ATM isn’t exactly drawing crowds, Patel says a surprising number of senior citizens show up at the kiosk, alarming given the rise of bitcoin ATM scams targeting seniors.
“Elderly people come in and use it,” Patel said.
He described one encounter where an elderly woman entered his shop and headed for the bitcoin ATM, then attempted to send a lot of money somewhere but had questions about using the machine. When Patel asked the woman a few questions as to why, she said, “Elon Musk told me to do it.” Patel quickly realized she had fallen prey to a scam. “I told her, no, no, no, it’s a scam,” Patel said, and he stopped her from dumping her life savings into the machine.
Alice Frei, head of security and compliance at blockchain communications & consulting agency Outset PR, says bitcoin ATM fraud is costly, enhanced by the sometimes shadowy world of crypto.
“Cryptocurrencies are easily exchanged online, often without clear identification of the parties involved. Criminals exploit this anonymity and move money almost invisibly, often employing techniques such as cross-blockchain ‘bridges’ to further obscure transactions,” she said.
And then there’s the fact that an ATM scam probably doesn’t originate in the town where it occurs. “Many crypto exchanges involved in these activities are based offshore, beyond the reach of regulators, making it difficult to trace and recover stolen funds,” Frei added.
Basic steps to avoid bitcoin ATM scams
To protect against these scams, users should be cautious and skeptical of any request to pay through a bitcoin ATM. Legitimate businesses rarely, if ever, demand payment in bitcoin through a machine.
“Verifying the legitimacy of a transaction, particularly checking the recipient’s wallet for connections to questionable entities is crucial,” Frei said, adding that users should also use licensed ATMs from reputable operators to reduce the risk.
Frei said there are steps that users can take to verify the ownership and legitimacy of a bitcoin ATM or parties involved in transactions.
“You can verify the recipient address by checking for flagged activity on platforms like Chainabuse and running an AML check on the address using available tools,” she said, If these tools show the risk score above 70%, it’s advisable to avoid sending money. “Instead, contact the ATM operator or the person who provided the address to clarify the situation,” Frei added.
According to Frei, data shows that nearly 74% of ATMs globally are managed by just 10 operators.
The largest operator of bitcoin ATMs, Bitcoin Depot, operates over 8,000 ATMs. Its CEO Brandon Mintz says the company’s machines are designed to deter hackers. But he also disputes the claims that bitcoin ATMs are major hacking targets.
“Bitcoin ATMs aren’t typically high-priority targets for cybercriminals due to the separation of the hardware and the bitcoin wallet environments,” Mintz said. Bitcoin Depot does not store any bitcoin locally at a bitcoin ATM, and there are many layers of verification and approval processes that prevent unauthorized access to the Bitcoin Depot wallet, he said.
Additionally, Mintz said, most bitcoin ATMs, including Bitcoin Depot’s, only accept cash, so this removes the ability for criminals to use card skimmers like they can install on traditional cash ATMs. However, he says users do need to be aware of scams, and some of the same basic protocols that protect consumers from old-fashioned financial scams apply to the world of cryptocurrency as well.
“Customers of bitcoin ATMs should never send bitcoin or other cryptocurrencies to unknown digital wallets or individuals they don’t know and trust. It’s important to remain vigilant and skeptical of anyone asking for cryptocurrency payments, especially if the request comes with a sense of urgency or threat,” Mintz said.
As the market leader, Bitcoin Depot has been a target of litigation and the company disclosed in its S-1 filing before going public that its users “have been and could be targeted in cybersecurity incidents like an account takeover.” A South Carolina woman sued Bitcoin Depot after falling victim to an alleged cryptocurrency scam. In another instance, authorities in Texas intervened to return money from a Bitcoin Depot ATM after a woman fell victim to a scam.
And that points to a central irony of bitcoin and the bitcoin ATM, products of technology, but ones where the most powerful weapon against fraud isn’t more technology but responsibility, Dobson said. “User responsibility is paramount in cryptocurrency. There is little recompense if something goes awry. The onus is largely on the user to take steps.”
Marek Antoni Iwanczuk | Sopa Images | Lightrocket | Getty Images
Google on Friday made the latest a splash in the AI talent wars, announcing an agreement to bring in Varun Mohan, co-founder and CEO of artificial intelligence coding startup Windsurf.
As part of the deal, Google will also hire other senior Windsurf research and development employees. Google is not investing in Windsurf, but the search giant will take a nonexclusive license to certain Windsurf technology, according to a person familiar with the matter. Windsurf remains free to license its technology to others.
“We’re excited to welcome some top AI coding talent from Windsurf’s team to Google DeepMind to advance our work in agentic coding,” a Google spokesperson wrote in an email. “We’re excited to continue bringing the benefits of Gemini to software developers everywhere.”
The deal between Google and Windsurf comes after the AI coding startup had been in talks with OpenAI for a $3 billion acquisition deal, CNBC reported in April. OpenAI did not immediately respond to a request for comment.
The move ratchets up the talent war in AI particularly among prominent companies. Meta has made lucrative job offers to several employees at OpenAI in recent weeks. Most notably, the Facebook parent added Scale AI founder Alexandr Wang to lead its AI strategy as part of a $14.3 billion investment into his startup.
Douglas Chen, another Windsurf co-founder, will be among those joining Google in the deal, Jeff Wang, the startup’s new interim CEO and its head of business for the past two years, wrote in a post on X.
“Most of Windsurf’s world-class team will continue to build the Windsurf product with the goal of maximizing its impact in the enterprise,” Wang wrote.
Windsurf has become more popular this year as an option for so-called vibe coding, which is the process of using new age AI tools to write code. Developers and non-developers have embraced the concept, leading to more revenue for Windsurf and competitors, such as Cursor, which OpenAI also looked at buying. All the interest has led investors to assign higher valuations to the startups.
This isn’t the first time Google has hired select people out of a startup. It did the same with Character.AI last summer. Amazon and Microsoft have also absorbed AI talent in this fashion, with the Adept and Inflection deals, respectively.
Microsoft is pushing an agent mode in its Visual Studio Code editor for vibe coding. In April, Microsoft CEO Satya Nadella said AI is composing as much of 30% of his company’s code.
The Verge reported the Google-Windsurf deal earlier on Friday.
Jensen Huang, CEO of Nvidia, holds a motherboard as he speaks during the Viva Technology conference dedicated to innovation and startups at Porte de Versailles exhibition center in Paris, France, on June 11, 2025.
The sale, which totals 225,000 shares, comes as part of Huang’s previously adopted plan in March to unload up to 6 million shares of Nvidia through the end of the year. He sold his first batch of stock from the agreement in June, equaling about $15 million.
Last year, the tech executive sold about $700 million worth of shares as part of a prearranged plan. Nvidia stock climbed about 1% Friday.
Huang’s net worth has skyrocketed as investors bet on Nvidia’s AI dominance and graphics processing units powering large language models.
The 62-year-old’s wealth has grown by more than a quarter, or about $29 billion, since the start of 2025 alone, based on Bloomberg’s Billionaires Index. His net worth last stood at $143 billion in the index, putting him neck-and-neck with Berkshire Hathaway‘s Warren Buffett at $144 billion.
Shortly after the market opened Friday, Fortune‘s analysis of net worth had Huang ahead of Buffett, with the Nvidia CEO at $143.7 billion and the Oracle of Omaha at $142.1 billion.
Read more CNBC tech news
The company has also achieved its own notable milestones this year, as it prospers off the AI boom.
On Wednesday, the Santa Clara, California-based chipmaker became the first company to top a $4 trillion market capitalization, beating out both Microsoft and Apple. The chipmaker closed above that milestone Thursday as CNBC reported that the technology titan met with President Donald Trump.
Brooke Seawell, venture partner at New Enterprise Associates, sold about $24 million worth of Nvidia shares, according to an SEC filing. Seawell has been on the company’s board since 1997, according to the company.
Huang still holds more than 858 million shares of Nvidia, both directly and indirectly, in different partnerships and trusts.
Elon Musk meets with Indian Prime Minister Narendra Modi at Blair House in Washington DC, USA on February 13, 2025.
Anadolu | Anadolu | Getty Images
Tesla will open a showroom in Mumbai, India next week, marking the U.S. electric carmakers first official foray into the country.
The one and a half hour launch event for the Tesla “Experience Center” will take place on July 15 at the Maker Maxity Mall in Bandra Kurla Complex in Mumbai, according to an event invitation seen by CNBC.
Along with the showroom display, which will feature the company’s cars, Tesla is also likely to officially launch direct sales to Indian customers.
The automaker has had its eye on India for a while and now appears to have stepped up efforts to launch locally.
In April, Tesla boss Elon Musk spoke with Indian Prime Minister Narendra Modi to discuss collaboration in areas including technology and innovation. That same month, the EV-maker’s finance chief said the company has been “very careful” in trying to figure out when to enter the market.
Tesla has no manufacturing operations in India, even though the country’s government is likely keen for the company to establish a factory. Instead the cars sold in India will need to be imported from Tesla’s other manufacturing locations in places like Shanghai, China, and Berlin, Germany.
As Tesla begins sales in India, it will come up against challenges from long-time Chinese rival BYD, as well as local player Tata Motors.
One potential challenge for Tesla comes by way of India’s import duties on electric vehicles, which stand at around 70%. India has tried to entice investment in the country by offering companies a reduced duty of 15% if they commit to invest $500 million and set up manufacturing locally.
HD Kumaraswamy, India’s minister for heavy industries, told reporters in June that Tesla is “not interested” in manufacturing in the country, according to a Reuters report.
Tesla is looking to recruit roles in Mumbai, job listings posted on LinkedIn . These include advisors working in showrooms, security, vehicle operators to collect data for its Autopilot feature and service technicians.
There are also roles being advertised in the Indian capital of New Delhi, including for store managers. It’s unclear if Tesla is planning to launch a showroom in the city.