What is ATM jackpotting?

ATM jackpotting is a criminal technique where hackers force cash dispensers to rapidly spit out money without deducting funds from customer accounts.

How much money did hackers steal through ATM jackpotting in 2025?

Hackers reportedly stole at least $20 million through ATM jackpotting attacks in 2025.

What is the Ploutus malware?

Ploutus is a malware that targets ATMs, granting hackers full control to disburse cash by exploiting the Windows operating system and XFS software.

Home / Crime and Justice / FBI Warns of Rampant ATM Jackpotting Malware

FBI Warns of Rampant ATM Jackpotting Malware

20 Feb

•

Summary

Hackers stole over $20 million from ATMs in 2025.
Malware like Ploutus forces ATMs to dispense cash without account deduction.
Attacks leverage physical access and targeting of Windows OS.

FBI Warns of Rampant ATM Jackpotting Malware

ATM jackpotting, a technique first demonstrated in 2010, has transformed into a major criminal enterprise. Hackers rapidly escalated their attacks in recent years, with the FBI reporting over 700 incidents in 2025. These attacks resulted in at least $20 million in stolen cash.

Criminals employ a combination of methods, including gaining physical access to ATM components and deploying malicious software. One prominent malware, Ploutus, is effective against various ATM manufacturers by exploiting the Windows operating system. Ploutus grants full control, enabling ATMs to disburse cash without debiting customer accounts.

The malware specifically targets the XFS software used by ATMs to communicate with hardware. This allows for swift cash-out operations that can be completed in minutes and often go unnoticed until after the funds are gone. Previous security research had already identified vulnerabilities in XFS software that hackers could exploit.

Disclaimer: This story has been auto-aggregated and auto-summarised by a computer program. This story has not been edited or created by the Feedzop team.