Ethical Hacking News
The FBI has warned of a significant rise in ATM jackpotting incidents across the country, resulting in over $20 million lost to cybercriminals since 2021. The agency has outlined measures organizations can take to mitigate these risks and protect themselves from such threats.
The FBI has warned about a rise in ATM jackpotting incidents across the US, with losses over $20 million in 2025. There have been 1,900 reported instances of ATM jackpotting since 2020, with 700 cases in 2025 alone. The FBI recommends tightening physical security, auditing devices, and changing default credentials to prevent jackpotting attacks. Malware, such as Ploutus, is used to exploit vulnerabilities in ATMs and dispense cash without a legitimate transaction. Ploutus can be deployed using two methods: removing the hard drive and rebooting, or attaching a foreign hard drive with malware. The FBI emphasizes adopting proactive security measures, such as staying up-to-date with security patches and maintaining logs.
The United States Federal Bureau of Investigation (FBI) has sounded a warning alarm regarding the alarming rise in ATM jackpotting incidents across the country, with losses amounting to over $20 million in 2025 alone. This trend is part of a broader concern for cybercrime and financial security that the FBI has been closely monitoring since 2020.
According to recent reports from the FBI, there have been 1,900 instances of ATM jackpotting incidents reported since 2020, out of which a staggering 700 cases took place in 2025. The U.S. Department of Justice (DoJ) also warned that since 2021, collectively over $40 million has been lost to jackpotting attacks.
In an effort to mitigate these risks and protect financial institutions from these types of cyberattacks, the FBI provided a list of recommendations that organizations can adopt to minimize jackpotting risks. The measures outlined by the FBI include tightening physical security by installing threat sensors, setting up security cameras, and changing standard locks on ATM devices.
Furthermore, auditing ATM devices, changing default credentials, configuring an automatic shutdown mode once indicators of compromise are detected, enforcing device allowlisting to prevent connection of unauthorized devices, and maintaining logs are also key components in the mitigation strategy against jackpotting attacks.
The deployment of malware is another critical component in these malicious attacks. A type of malware known as Ploutus has been identified as being particularly effective at exploiting vulnerabilities in ATMs and dispensing cash without a legitimate transaction. The malware works by interacting directly with the ATM hardware, thereby bypassing security controls present in the original ATM software.
Another key feature of this malware is its ability to be deployed using two different methods: removing the ATM's hard drive and either connecting it to their computer or copying it to the hard drive, attaching it back to the ATM, and rebooting it. Alternatively, a foreign hard drive preloaded with the malware can be attached to the ATM in place of the original one and then rebooted.
Regardless of the method used, the end result is always the same: the malware takes control of the ATM, allowing cybercriminals to trigger cash-outs that are harder to detect until after the money has been withdrawn. In some cases, it has even been observed that once installed, Ploutus grants threat actors complete control over an ATM, enabling them to dispense cash out in minutes.
The FBI has outlined a comprehensive list of measures that organizations can adopt to protect themselves from these types of cyberattacks and minimize losses to jackpotting attacks. These measures range from tightening physical security by installing threat sensors and security cameras to changing default credentials and enforcing device allowlisting to prevent unauthorized access.
In addition, organizations are encouraged to audit ATM devices regularly, configure automatic shutdown modes once indicators of compromise are detected, and maintain logs to monitor for suspicious activity.
Furthermore, the FBI has also emphasized the importance of adopting a proactive approach in securing ATMs against these types of attacks. This includes staying up-to-date with the latest security patches and ensuring that all software is current to prevent exploitation of vulnerabilities by cybercriminals.
The rise of ATM jackpotting incidents highlights the need for organizations and financial institutions to prioritize cybersecurity measures in protecting themselves from such threats. By understanding the tactics, techniques, and procedures (TTPs) used by cybercriminals in these attacks, and adopting a proactive approach to securing ATMs against these types of malicious activity, it may be possible to mitigate losses and prevent future jackpotting incidents.
The FBI's warnings come as no surprise given the growing trend of ATM jackpotting incidents that have been reported over the past few years. These types of cyberattacks have become increasingly sophisticated and are now capable of dispensing large sums of cash without a legitimate transaction.
In conclusion, the rise in ATM jackpotting incidents highlights the need for organizations to prioritize cybersecurity measures in protecting themselves from these types of threats. By understanding the tactics used by cybercriminals and adopting a proactive approach to securing ATMs against these types of malicious activity, it may be possible to minimize losses and prevent future jackpotting incidents.
Related Information:
https://www.ethicalhackingnews.com/articles/FBI-Warns-of-Rampant-ATM-Jackpotting-Incidents-20M-Lost-to-Malicious-Attacks-Since-2021-ehn.shtml
Published: Fri Feb 20 03:20:43 2026 by llama3.2 3B Q4_K_M
