A wave of ATM jackpotting attacks is hitting the United States hard, with the FBI reporting more than 700 incidents in 2025 alone, costing victims over $20 million in stolen cash.
Jackpotting is a type of cyberattack where criminals use malware and physical tampering to force ATMs to spit out cash without touching customer accounts. According to the FBI, roughly 1,900 jackpotting incidents have been reported across the country since 2020, making last year the worst on record.
The FBI has now issued a formal FLASH alert urging banks, credit unions, and ATM operators to strengthen both their physical and digital defenses immediately.
Criminals use a combination of hardware and software tricks to pull off these heists. On the physical side, attackers have been known to use generic keys to unlock ATM front panels and gain access to internal hard drives. Once inside, they plant malware that takes over the machine.
The FBI flagged one particular piece of malware called Ploutus as a major threat. Ploutus targets the Windows operating system that powers many ATMs and exploits software called extensions for financial services (XFS), the system ATMs use to communicate with hardware components like PIN pads, card readers, and cash dispensers.
“Ploutus attacks the ATM itself rather than customer accounts, enabling fast cash-out operations that can occur in minutes and are often difficult to detect until after the money is withdrawn,” the FBI bulletin states.
The attacks are especially hard to stop because they move so quickly. Once Ploutus is installed, criminals can drain an ATM in minutes. The malware gives hackers full control of the machine, letting them issue commands that trick the dispenser into releasing cash on demand.
The FBI is urging financial institutions to act fast. The agency recommends reviewing the indicators of compromise outlined in the FLASH alert, upgrading physical security on ATM machines, and updating software safeguards to close known vulnerabilities. The full FBI bulletin is available online and contains detailed guidance on mitigation strategies.
Recent Comments