FBI Reports 1,900 ATM Jackpotting Incidents Since 2020, $20M Lost in 2025

Vaibhav February 20, 2026
FBI-Reports-1-900-ATM-Jackpotting-Incidents-Since-2020-20M-Lost-in-2025data-4
Post Views: 98

ATM Jackpotting Incidents on the Rise

A recent warning from the U.S. Federal Bureau of Investigation (FBI) highlights a growing trend in ATM jackpotting incidents, which have resulted in losses exceeding $20 million in 2025 alone. According to the agency, nearly 1,900 such incidents have been reported since 2020, with 700 occurring last year.

The Role of Malware in Jackpotting Attacks

The FBI attributes the success of these attacks to the exploitation of physical and software vulnerabilities in ATMs, often through the use of specialized malware. One such malware, known as Ploutus, has been observed granting threat actors complete control over compromised ATMs, enabling them to trigger cash-outs that can occur in a matter of minutes.

Ploutus, first detected in Mexico in 2013, exploits the eXtensions for Financial Services (XFS) layer, which instructs an ATM on physical actions to perform. By issuing commands to XFS, threat actors can bypass bank authorization and instruct the ATM to dispense cash on demand.

Scope of the Problem

The malware’s ability to interact directly with ATM hardware allows it to evade security controls present in the original ATM software. The FBI notes that Ploutus can be used against ATMs from various manufacturers, as the underlying Windows operating system is exploited during the attack.

This has led to a significant increase in jackpotting incidents, with the U.S. Department of Justice reporting that approximately $40.73 million has been collectively lost to such attacks since 2021.

Mitigating the Risks

To mitigate these risks, the FBI recommends that organizations implement various security measures, including:

  • Installation of threat sensors and security cameras
  • Use of automatic shutdown modes and device allowlisting
  • Audit of ATM devices
  • Change of default credentials
  • Configuration of security controls to detect and prevent jackpotting attacks

Conclusion

The rise in ATM jackpotting incidents highlights the need for increased vigilance and cooperation between financial institutions, law enforcement, and security professionals to prevent and respond to these types of attacks. By implementing robust security measures and staying informed about emerging threats, organizations can reduce the risk of falling victim to jackpotting attacks and protect their customers’ assets.



About Author

Vaibhav

See author's posts

More Stories

Janela-RAT-Malware-Steals-Financial-Data-via-Browser-Extensions

Janela RAT Malware Steals Financial Data via Browser Extensions

Vaibhav April 15, 2026
India-Sees-Rise-in-Unwanted-Calls-Despite-Strengthened-Telecom-Regulations

India Sees Rise in Unwanted Calls Despite Strengthened Telecom Regulations

Vaibhav April 15, 2026
Bombay-High-Court-Declares-Unauthorized-Conversation-Recording-a-Cybercrime

Bombay High Court Declares Unauthorized Conversation Recording a Cybercrime

Vaibhav April 15, 2026

Latest Cyber Security News

Not-All-CISO-Roles-Are-Equally-Demanding-and-Challenging-Insights-from-ESET-Mimecast-at-RSAC

Not All CISO Roles Are Equally Demanding and Challenging: Insights from ESET, Mimecast at RSAC

Vaibhav April 15, 2026
Sitehops-SAFEcore-Edge-Offers-Ultra-Low-Latency-Post-Quantum-Encryption-Solutions

Sitehops SAFEcore Edge Offers Ultra-Low Latency Post Quantum Encryption Solutions

Vaibhav April 15, 2026
IPL-Ticket-Scam-Woman-Loses-52-500-Using-Fake-QR-Codes-in-Bengaluru

IPL Ticket Scam: Woman Loses ₹52,500 Using Fake QR Codes in Bengaluru

Vaibhav April 15, 2026
India-s-Largest-Cryptocurrency-Scandal-Worth-17-000-Crore

India’s Largest Cryptocurrency Scandal Worth ₹17,000 Crore

Vaibhav April 15, 2026
Microsoft-Resolves-Critical-Bug-Affecting-Automatic-Windows-Server-2025-Updates

Microsoft Resolves Critical Bug Affecting Automatic Windows Server 2025 Updates

Vaibhav April 15, 2026
en_USEnglish
en_USEnglish