FBI says ATM ‘jackpotting’ attacks are on the rise, and netting hackers millions in stolen cash

The FBI has reported a significant rise in ATM "jackpotting" attacks, where hackers manipulate cash machines to dispense large amounts of money illicitly. Since the first public demonstration of such an attack by security researcher Barnaby Jack in 2010, these attacks have evolved from theoretical exploits into a lucrative criminal enterprise. In 2025 alone, there were over 700 documented jackpotting incidents, resulting in at least $20 million stolen by cybercriminals. The FBI bulletin explains that attackers combine physical methods—such as using generic keys to access ATM hardware—with sophisticated digital techniques, including malware deployment. A notable malware strain called Ploutus exploits vulnerabilities in the ATM's XFS software, which coordinates communication between hardware components like the keypad, card reader, and cash dispenser. By targeting the ATM itself rather than customer accounts, Ploutus enables rapid cash withdrawals that are difficult to detect until after the theft has occurred. This growing threat underscores ongoing security challenges in protecting ATM infrastructure from increasingly advanced and coordinated