FBI says ATM 'jackpotting' attacks are on the rise, and netting hackers millions in stolen cash
Key Points:
- ATM jackpotting, the act of hacking ATMs to dispense cash illicitly, has evolved from a security research demonstration in 2010 to a significant criminal enterprise by 2025.
- The FBI reported over 700 ATM attacks in 2025 alone, resulting in at least $20 million stolen through a combination of physical access and malware-based methods.
- A key malware named Ploutus targets the Windows operating system used by many ATMs, exploiting the XFS software that controls communication between ATM hardware components.
- Ploutus enables hackers to command ATMs to dispense cash rapidly without debiting customer accounts, making these attacks quick and difficult to detect until after the theft.
- The FBI bulletin highlights the ongoing vulnerabilities in