"A flash alert published on Thursday by the FBI warns of an increase in malware-enabled ATM jackpotting attacks in the United States. According to the agency, roughly 1,900 ATM jackpotting attacks have been reported since 2020, with more than 700 in 2025 alone. The incidents recorded last year resulted in losses exceeding $20 million. ATM jackpotting attacks involve physical access to the targeted machine to plant malware that instructs its cash-dispensing module to eject currency. The US has cracked down on ATM jackpotting, prosecuting dozens of individuals for various roles in such operations."
""Once Ploutus is installed on an ATM, it gives threat actors direct control over the machine, allowing them to trigger cash withdrawals," the FBI said. "Ploutus attacks the ATM itself rather than customer accounts, enabling fast cash-out operations that can occur in minutes and are often difficult to detect until after the money is withdrawn." "The malware can be used across ATMs of different manufacturers with very little adjustment to the code as the Windows operating system is exploited during the compromise," the law enforcement agency noted."
An FBI flash alert warns of a rise in malware-enabled ATM jackpotting in the United States, reporting roughly 1,900 attacks since 2020 and over 700 in 2025. Incidents last year caused losses exceeding $20 million. Jackpotting requires physical access to install malware that commands the cash-dispensing module to eject currency. US prosecutors have charged dozens of suspects, many Venezuelan nationals facing deportation. Multiple malware families are used, with Ploutus most frequently named; Ploutus has persisted since its peak in 2017–2018 and remains active. Ploutus grants direct ATM control for rapid cash-outs and can target diverse manufacturers by exploiting Windows. The FBI provided IoCs and recommended mitigations.
Read at SecurityWeek
Unable to calculate read time
Collection
[
|
...
]