FBI warns of ATM jackpotting attacks draining cash
NEWYou can now listen to Fox News articles!
You swipe your card and enter your PIN. You collect your money and walk out. It seems routine and secure. Most of us never think about it. However, some ATMs are quietly transformed into ATMs for criminals.
The Federal Bureau of Investigation recently issued a cybersecurity alert regarding an increase in malware attacks targeting ATMs. These incidents are known as jackpotting attacks. Simply put, hackers force machines to cough up money on command.
The numbers are increasing. Since 2020, nearly 1,900 attacks have been reported. More than a third occurred last year. In 2025 alone, losses have already exceeded $20 million. So what’s really going on inside these machines, and why is the threat accelerating today?
Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive offers straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM bulletin.
HOW DEBIT CARD FRAUD CAN HAPPEN WITHOUT USING THE CARD
The FBI is warning of an increase in ATM “jackpotting” attacks, where hackers force machines to dispense cash using malware. (TIM SLOAN/AFP via Getty Images)
How ATM Jackpotting Attacks Work
This is not a Hollywood hacking scene. In many cases, attackers use generic keys to open the ATM maintenance cabinet. Once inside, they remove the storage drive. Then they load malware into it or swap it with compromised software.
After restarting the machine, the malware takes control. One of the most widely used tools is a malware strain called Ploutus. It targets software known as XFS, which ATMs use to communicate with banking networks and authorize transactions.
Instead of asking the bank for authorization, the malware skips this process. It sends its own commands to the machine. The result? The ATM dispenses money without a card, without an account and without a legitimate transaction. It’s a jackpot.
Why are so many vending machines vulnerable?
Here’s the uncomfortable truth. Many ATMs run on aging versions of Windows. Some machines even displayed Windows 7 login screens. This operating system was released in 2009 and officially discontinued years ago.
Outdated software creates opportunities. If attackers discover a vulnerability in the Windows operating system, they can exploit it across different ATM brands and financial networks. The FBI says these attacks are not linked to any specific bank or ATM manufacturer. Instead, they target common weaknesses shared by all systems.
This makes the problem even more serious. And with hundreds of thousands of vending machines deployed across the United States, upgrading and securing each machine will take time.
Federal Government Charges 87 Individuals in Massive ATM “Jackpotting” Operation Linked to TREN DE ARAGUA Gang
Nearly 1,900 ATM jackpotting attacks have been reported since 2020, with losses exceeding $20 million in 2025 alone. (Robert Alexandre/Getty Images)
What banks are told to do
The FBI has outlined several defensive measures for financial institutions:
- Monitor ATMs for unauthorized files and suspicious executables
- Disable USB ports to prevent malware from loading
- Replace generic locks with keypad systems
- Add secondary alarms and enhanced physical security
These are practical solutions. But rolling it out nationally is a slow process. Meanwhile, attackers continue to look for weak targets.
Why does this still matter to you?
You may think this is a banking problem, not a personal one. Technically, consumers are not the direct victims in these cases. Unlike Bitcoin ATM scams that have cost individuals hundreds of millions, jackpot attacks are hitting financial institutions. However, there is a ripple effect.
When banks lose money, insurance companies pay the claims. Eventually, these costs show up somewhere. Higher fees. Increase in service fees. Stricter policies. Ultimately, everyday customers absorb the impact. Cybercrime rarely remains under control.
HOW TO CONSULT YOUR BANK AND RETIREMENT ACCOUNTS ONLINE IN COMPLETE SECURITY
Cybercriminals are exploiting outdated ATM software to bypass bank controls and trigger unauthorized cash withdrawals. (Justin Sullivan/Getty Images)
How to protect yourself when using ATMs
Even though ATM jackpotting attacks primarily target banks, you can still take smart steps to protect yourself when using ATMs.
1) Use ATMs in well-lit and secure areas
Choose ATMs at bank branches or in busy, pedestrian areas. These locations are more likely to be monitored and maintained.
2) Avoid ATMs at night or isolated
Criminals need physical access to manipulate machines. High traffic areas during normal business hours reduce this risk.
3) Watch for unusual ATM behavior
If a machine suddenly restarts, freezes, or behaves strangely, shut it down immediately. Do not insert your card. Report the problem to the bank immediately.
4) Look for signs of tampering
Check for loose panels, exposed cables, or unusual attachments near the card slot or keyboard. If something goes wrong, use another machine.
5) Cover the keypad when entering your PIN
Protect your PIN with your hand while typing. This protects you from hidden cameras and Internet users who might try to capture your code.
6) Set up real-time transaction alerts
Enable SMS or app notifications for withdrawals and account activity. Instant alerts help you act quickly if something unexpected happens.
7) Check your bank statements regularly
Even if the jackpot bypasses customer accounts, fraud tactics are evolving. Review your transactions often so you can quickly spot unauthorized charges.
8) Consider identity theft monitoring
Identity theft protection services can provide alerts about unusual financial activity on your accounts. Think of it as an added layer of awareness rather than a fix for ATM malware. Check out my tips and top picks on the best identity theft protection at Cyberguy.com.
9) Use contactless or in-app ATM withdrawals
Many banks offer cardless access via secure mobile apps. This reduces exposure to skimming devices and physical tampering.
10) Keep your banking app up to date
Install updates quickly to ensure you have the latest security patches and protections.
Staying vigilant reduces your risks and reinforces good habits, even when attackers target financial institutions rather than individual customers.
Kurt’s Key Takeaways
ATM jackpotting attacks reveal something important. Even familiar machines can hide modern vulnerabilities. Most of us rarely think about the software running in an ATM. However, these systems are based on the same operating bases as personal and professional computers. When they fall behind on updates, criminals notice. The FBI alert is no reason to panic. It’s a reminder that digital security touches almost every aspect of daily life, even the simple act of withdrawing money.
How much trust do you place in the technology you use every day without ever seeing how it works? Let us know by writing to us at Cyberguy.com.
CLICK HERE TO DOWNLOAD THE FOX NEWS APP
Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive offers straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM bulletin.
Copyright 2026 CyberGuy.com. All rights reserved.
