FBI Reports 700 ATM Jackpotting Attacks Caused $20 Million in Losses in 2025

Post Views: 102

ATM Jackpotting Attacks Result in Significant Financial Losses in the US

A surge in malware-enabled ATM jackpotting attacks has resulted in significant financial losses in the United States, with the Federal Bureau of Investigation (FBI) reporting over $20 million in losses in 2025 alone.

The Ploutus Malware

According to the agency, nearly 1,900 such attacks have been reported since 2020, with more than 700 incidents occurring last year. The attacks involve the physical compromise of ATMs to install malware that instructs the machine’s cash-dispensing module to eject currency.

The malware, often referred to as Ploutus, allows threat actors to gain direct control over the ATM, enabling them to trigger cash withdrawals quickly and discreetly.

Ploutus has been a persistent threat, with its origins dating back over a decade. Although it gained significant attention in 2017 and 2018, its usage had seemingly declined. However, recent incidents suggest that the malware remains widely used.

Indicators of Compromise and Detection Challenges

A map published by the Justice Department last year highlighting the locations of jackpotting incidents in the US indicated that Ploutus was still active. The FBI’s latest alert confirms that Ploutus is still a popular choice among threat actors.

The malware’s ability to be used across different ATM manufacturers with minimal adjustments makes it a versatile tool for attackers. Furthermore, Ploutus is designed to attack the ATM itself, rather than customer accounts, allowing for fast cash-out operations that can be difficult to detect.

The FBI has provided indicators of compromise (IoCs) to help organizations detect Ploutus attacks. However, it is worth noting that the malware is designed to autonomously delete its own code, making it challenging for forensic investigators and bank employees to detect.

Prosecution and Prevention Efforts

US authorities have been actively pursuing those involved in ATM jackpotting operations, prosecuting dozens of individuals, including several Venezuelan nationals who face deportation.

The Justice Department’s efforts to combat ATM jackpotting have led to a significant crackdown on these types of attacks. As the threat of ATM jackpotting continues to evolve, it is essential for organizations to remain vigilant and implement robust security measures to prevent such attacks.

The FBI’s alert serves as a reminder of the importance of monitoring ATMs for suspicious activity and implementing effective incident response plans to minimize potential losses.