In 2010, renowned security expert Barnaby Jack made headlines when he demonstrated an ATM hack at the Black Hat security conference, causing the machine to dispense cash in front of an astonished crowd. Fast forward to today, and ATM jackpotting has evolved from a theoretical exercise into a significant issue within the criminal landscape.
A recent security bulletin from the FBI highlights a troubling trend: hackers have dramatically increased their activities, with over 700 incidents reported in 2025 alone, resulting in the theft of at least $20 million. This surge in attacks showcases the sophistication and determination of cybercriminals.
The FBI reports that these hackers employ a combination of methods, including physical access to ATMs using generic keys to unlock panels and access internal components, alongside digital tactics like malware installation. This malware enables ATMs to dispense large amounts of cash almost instantaneously.
One particularly concerning piece of malware, known as Ploutus, affects multiple ATM manufacturers by exploiting vulnerabilities in the widely used Windows operating system. Once compromised, hackers gain complete control over the ATM, allowing them to issue commands that trick the machine into dispensing cash without deducting funds from customer accounts.
Ploutus operates by manipulating extensions for financial services, known as XFS software, which is essential for ATMs to interact with their various hardware elements, including the PIN keypad, card reader, and cash dispensing unit.
The FBI notes, "Ploutus targets the ATM directly rather than customer accounts, enabling rapid cash withdrawals that can occur in mere minutes and often go undetected until after the money has been taken." This highlights the urgent need for enhanced security measures within the ATM ecosystem.
Security experts have previously identified vulnerabilities in XFS software that can be exploited by hackers, further emphasizing the importance of ongoing vigilance and improvement in ATM security protocols.
