- FBI reports $20 million stolen via ATMs in the US in recent years
- Criminals use Ploutu’s malware and generic keys to bypass ATM authorization
- 1,900 cases since 2020, with 700 incidents in 2025 alone
The FBI has warned ATM jackpotting, which physically breaks into an ATM to install malware and make it spill the money, is on the rise across the US.
The bureau claims that criminals have been able to steal more than $20 million this way, noting that they are able to open the face of the ATM using “commonly available generic keys.”
Once opened, the criminals remove the ATM’s hard drive and do one of two things: either infect it with malware and reinstall it, or they replace it with another hard drive that was already preloaded with malware.
Rising trend
In both cases, the criminals would use the Ploutus malware variant, which leverages eXtensions for Financial Services (XFS), an open standard API that ATMs, PoS terminals and other similar devices typically use. The malware allows the attackers to issue their own commands to XFS, bypass authorizations and withdraw money from ATMs.
“When a legitimate transaction occurs, the ATM application sends instructions through XFS for bank authorization,” the FBI explained.
“If a threat actor can issue their own commands to XFS, they can bypass bank authorization entirely and instruct the ATM to dispense cash on demand. As a result, Ploutus allows threat actors to force an ATM to dispense cash without using a bank card, customer account or bank authorization.”
ATMs were first discovered in 2020, and since then around 1,900 such cases have been reported. By 2025, there were 700 reported cases, which is about 37% of all incidents.
It is also worth mentioning that in these attacks the bank customers are not the victims, but rather the banks themselves. Since the attackers don’t have people’s cards, PINs or bank account numbers, their money remains intact.
Via The register
The best antivirus for all budgets
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews and opinions in your feeds. Be sure to click the Follow button!
And of course you can too follow TechRadar on TikTok for news, reviews, video unboxings, and get regular updates from us on WhatsApp also.
