The U.S. Federal Bureau of Investigation has warned that ATM “jackpotting” attacks are rapidly increasing, with hackers stealing millions of dollars by forcing cash machines to dispense money on demand.

The warning was issued in a recent FBI security bulletin.

According to the agency, more than 700 jackpotting attacks were recorded during 2025 alone, resulting in losses of at least $20 million.

Unlike traditional financial fraud, these attacks target the ATM machines themselves rather than customer bank accounts.

The FBI said attackers typically gain physical access to ATMs using generic keys, then deploy malware that allows them to control the machine’s cash dispenser.

One of the most concerning tools identified is Ploutus, malware that exploits the Windows-based systems used by many ATMs.

Ploutus takes advantage of the XFS (Extensions for Financial Services) software layer, which controls communication between ATM hardware components such as card readers, keypads, and cash dispensers.

Once installed, the malware enables attackers to issue commands that release cash within minutes.

“Ploutus attacks the ATM itself rather than customer accounts, enabling fast cash-out operations that are difficult to detect until after the money is withdrawn,” the FBI said.

Security researchers have previously flagged vulnerabilities in XFS software that make such attacks possible.

Source: TechCrunch