ATM jackpotting attacks surge across the US

You swipe your paper and participate your PIN. You drawback your currency and caput retired the door. It feels regular and secure. Most of america ne'er springiness it a 2nd thought. However, immoderate ATMs are softly being turned into currency machines for criminals.

The Federal Bureau of Investigation precocious issued a cybersecurity alert astir a emergence successful malware attacks targeting ATMs. These incidents are known arsenic jackpotting attacks. In elemental terms, hackers unit machines to spit retired wealth connected command.

The numbers are growing. Since 2020, astir 1,900 attacks person been reported. More than a 3rd occurred conscionable past year. In 2025 alone, losses person already exceeded $20 million. So what is truly happening wrong these machines, and wherefore is the menace accelerating now?

Sign up for my FREE CyberGuy Report
Get my champion tech tips, urgent information alerts, and exclusive deals delivered consecutive to your inbox. Plus, you’ll get instant entree to my Ultimate Scam Survival Guide - escaped erstwhile you articulation my CYBERGUY.COM newsletter.

HOW DEBIT CARD FRAUD CAN HAPPEN WITHOUT USING THE CARD
 

The FBI warns of rising ATM "jackpotting" attacks, wherever hackers unit machines to dispense currency utilizing malware. (TIM SLOAN/AFP via Getty Images)

How ATM jackpotting attacks work

This is not a Hollywood hacking scene. In galore cases, attackers usage generic keys to unfastened the ATM's attraction cabinet. Once inside, they region the retention drive. Then they load malware onto it oregon swap it with a compromised one.

After rebooting the machine, the malicious bundle takes control. One of the astir wide utilized tools is simply a malware strain called Ploutus. It targets bundle known arsenic XFS, which ATMs usage to pass with slope networks and authorize transactions.

Instead of asking the slope for permission, the malware overrides that process. It sends its ain commands to the machine. The result? The ATM dispenses currency without a card, without an relationship and without a morganatic transaction. That is jackpotting.

Why are truthful galore ATMs vulnerable?

Here is the uncomfortable truth. Many ATMs tally connected aging versions of Windows. Some machines person adjacent displayed Windows 7 login screens. That operating strategy was released successful 2009 and officially discontinued years ago.

Outdated bundle creates opportunity. If attackers find a vulnerability successful the Windows operating system, they tin exploit it crossed antithetic ATM brands and fiscal networks. The FBI says these attacks are not tied to 1 circumstantial slope oregon ATM manufacturer. Instead, they people communal weaknesses shared crossed systems.

That makes the occupation overmuch bigger. And with hundreds of thousands of ATMs deployed crossed the U.S., upgrading and securing each instrumentality volition instrumentality time.

FEDS CHARGE 87 INDIVIDUALS IN MASSIVE ATM 'JACKPOTTING' OPERATION LINKED TO TREN DE ARAGUA GANG
 

Nearly 1,900 ATM jackpotting attacks person been reported since 2020, with losses topping $20 cardinal successful 2025 alone. (Robert Alexander/Getty Images)

What banks are being told to do

The FBI has outlined respective antiaircraft steps for fiscal institutions:

• Monitor ATMs for unauthorized files and suspicious executables
• Disable USB ports to forestall malware loading
• Replace generic locks with keypad systems
• Add secondary alarms and enhanced carnal security

These are applicable fixes. But rolling them retired nationwide is simply a dilatory process. Meanwhile, attackers proceed to look for anemic targets.

Why this inactive matters to you

You mightiness beryllium reasoning this sounds similar a slope problem, not a idiosyncratic one. Technically, consumers are not the nonstop victims successful these cases. Unlike Bitcoin ATM scams that person outgo individuals hundreds of millions, jackpotting attacks deed fiscal institutions. However, determination is simply a ripple effect.

When banks suffer money, security companies wage claims. Eventually, those costs amusement up somewhere. Higher fees. Increased work charges. Stricter policies. In the end, mundane customers sorb the impact. Cybercrime seldom stays contained.

HOW TO SAFELY VIEW YOUR BANK AND RETIREMENT ACCOUNTS ONLINE
 

Cybercriminals are exploiting outdated ATM bundle to override slope controls and trigger unauthorized currency withdrawals. (Justin Sullivan/Getty Images)

How to support yourself erstwhile utilizing ATMs

While ATM jackpotting attacks chiefly people banks, you tin inactive instrumentality astute steps to support yourself erstwhile utilizing currency machines.

1) Use ATMs successful well-lit, unafraid locations

Choose machines wrong slope branches oregon successful engaged areas with ft traffic. These locations are much apt to beryllium monitored and maintained.

2) Avoid late-night oregon isolated ATMs

Criminals request carnal entree to tamper with machines. High postulation areas during regular concern hours trim that risk.

3) Watch for antithetic ATM behavior

If a instrumentality abruptly reboots, freezes oregon behaves strangely, halt immediately. Do not insert your card. Report the contented to the slope close away.

4) Look for signs of tampering

Check for escaped panels, exposed wiring oregon antithetic attachments adjacent the paper slot oregon keypad. If thing looks off, usage a antithetic machine.

5) Cover the keypad erstwhile entering your PIN

Shield your PIN with your manus arsenic you type. This protects you from hidden cameras and enarthrosis surfers who whitethorn effort to seizure your code.

6) Set up real-time transaction alerts

Enable substance oregon app notifications for withdrawals and relationship activity. Instant alerts assistance you enactment rapidly if thing unexpected appears.

7) Check your slope statements regularly

Even though jackpotting bypasses lawsuit accounts, fraud tactics evolve. Review your transactions often truthful you tin drawback unauthorized charges early.

8) Consider individuality theft monitoring

Identity theft extortion services tin supply alerts astir antithetic fiscal enactment crossed your accounts. Think of it arsenic an added furniture of consciousness alternatively than a hole for ATM malware. See my tips and champion picks connected Best Identity Theft Protection at Cyberguy.com.

9) Use contactless oregon in-app ATM withdrawals

Many banks connection cardless entree done unafraid mobile apps. This reduces vulnerability to skimming devices and carnal tampering.

10) Keep your banking app updated

Install updates promptly to guarantee you person the latest information patches and protections.

Staying alert lowers your hazard and reinforces bully habits, adjacent erstwhile attackers are targeting fiscal institutions alternatively than idiosyncratic customers.

Kurt's cardinal takeaways

ATM jackpotting attacks uncover thing important. Even acquainted machines tin fell modern vulnerabilities. Most of america seldom deliberation astir the bundle moving wrong a currency dispenser. Yet those systems trust connected the aforesaid operating foundations arsenic location and bureau computers. When they autumn down connected updates, criminals notice. The FBI alert is not a crushed to panic. It is simply a reminder that integer information touches astir each portion of regular life, adjacent the elemental enactment of withdrawing cash.

How overmuch spot bash you spot successful the exertion you usage each time without ever seeing however it works? Let america cognize by penning to america at Cyberguy.com.

CLICK HERE TO DOWNLOAD THE FOX NEWS APP

Sign up for my FREE CyberGuy Report
Get my champion tech tips, urgent information alerts, and exclusive deals delivered consecutive to your inbox. Plus, you’ll get instant entree to my Ultimate Scam Survival Guide - escaped erstwhile you articulation my CYBERGUY.COM newsletter.

Copyright 2026 CyberGuy.com.  All rights reserved.