NEWNow you can listen to Fox News articles!
You swipe your card and enter your PIN. You take your money and walk out the door. It feels familiar and secure. Most of us never think about it. However, some ATMs are quietly being turned into cash machines for criminals.
The Federal Bureau of Investigation recently issued a cybersecurity alert regarding the increase in malware attacks targeting ATMs. These incidents are known as jackpotting attacks. In simple terms, criminals force machines to withdraw money by command.
Prices are increasing. As of 2020, nearly 1,900 attacks have been reported. More than a third happened last year. By 2025 alone, the loss has exceeded $20 million. So what exactly is going on inside these machines, and why is the threat accelerating now?
Sign up for my FREE CyberGuy report
Get my best tech tips, emergency security alerts, and special deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join CYBERGUY.COM newspaper
HOW TO FRAUD A DEBIT CARD WITHOUT USING A CARD
The FBI is warning of a rise in ATM “jackpotting” attacks, where hackers force machines to withdraw money using malware. (TIM SLOAN/AFP via Getty Images)
How ATM jackpotting attacks work
This is not a Hollywood heist. In most cases, attackers use standard keys to open the ATM’s maintenance drawer. Once inside, they take out the final drive. Then they upload malware to it or replace it with a corrupted one.
After restarting the machine, the malicious software takes control of it. One of the most widely used tools is a malware called Ploutus. It targets software known as XFS, which is used by ATMs to communicate with banking networks and authorize transactions.
Instead of asking the bank for permission, the malware bypasses that process. It sends its commands to the machine. The result? An ATM dispenses cash without a card, without an account and without a formal transaction. That is jackpotting.
Why are so many ATMs vulnerable?
Here is the uncomfortable truth. Many ATMs run older versions of Windows. Some machines even displayed Windows 7 login screens. That operating system was released in 2009 and was officially discontinued years ago.
Outdated software creates opportunity. If attackers find a vulnerability in the Windows operating system, they can use it across different brands of ATMs and financial networks. The FBI says the attack is not tied to a single bank or ATM manufacturer. Instead, they target common weaknesses shared across systems.
That makes the problem even bigger. And with hundreds of thousands of ATMs in use across the US, upgrading and securing all the machines will take time.
FEDS CHARGE 87 PEOPLE IN MAJOR ATM ‘JACKPOTTING’ OPERATION LINKED TO TREN DE ARAGUA GANG
About 1,900 ATM jackpotting attacks have been reported since 2020, with losses of more than $20 million in 2025 alone. (Robert Alexander/Getty Images)
That’s what banks are supposed to do
The FBI has outlined several steps to protect financial institutions:
- Monitor ATMs for unauthorized files and suspicious executables
- Disable USB ports to prevent malware loading
- Replace conventional locks with keypad systems
- Add secondary alarms and enhanced physical security
These are effective fixes. But rolling them out across the country is a slow process. Meanwhile, attackers continue to look for weak targets.
Why is this still important to you?
You might think this sounds like a banking problem, not a personal one. Technically, consumers are not the direct victims in these situations. Unlike the Bitcoin ATM scams that have cost hundreds of millions, jackpotting attacks have hit financial institutions. However, there is a ripple effect.
When banks lose money, insurance companies pay claims. Ultimately, those costs are reflected somewhere. High fees. Increased service charges. Strict policies. Ultimately, everyday customers experience the impact. Cyber crime is rarely contained.
HOW TO SECURELY VIEW YOUR BANK AND PENSION ACCOUNTS ONLINE
Cybercriminals exploit outdated ATM software to bypass bank controls and cause unauthorized withdrawals. (Justin Sullivan/Getty Images)
How to protect yourself when using ATMs
Although ATM jackpotting primarily attacks banks, you can still take smart precautions when using cash machines.
1) Use ATMs in well-lit and secure areas
Choose machines located inside bank branches or in high-traffic areas. These areas may be monitored and maintained.
2) Avoid late night or solitary ATMs
Hackers need physical access to tamper with equipment. High traffic areas during normal business hours reduce that risk.
3) Watch for unusual ATM behavior
If the machine restarts suddenly, freezes or behaves strangely, stop immediately. Do not insert your card. Report the matter to the bank immediately.
4) Look for signs of tampering
Check for loose panels, exposed wires or unusual attachments near the card area or keypad. If something goes wrong, use a different machine.
5) Cover the keypad when entering your PIN
Protect your PIN with your hand as you type. This protects you from hidden cameras and surfers who might try to capture your code.
6) Set real-time performance alerts
Enable text or push notifications for withdrawals and account activity. Instant notifications help you act quickly if something unexpected comes up.
7) Check your bank statements regularly
Even when jackpotting goes beyond customer accounts, fraudulent schemes are emerging. Review your activity regularly so you can catch unauthorized charges early.
8) Consider monitoring identity theft
Identity theft protection services can provide you with alerts about unusual financial activity across your accounts. Think of it as an extra layer of awareness rather than fixing ATM malware. See my tips and top picks for Best Identity Theft Protection at Cyberguy.com
9) Use without contact or withdrawal of in-app ATM
Many banks offer cardless access through secure mobile apps. This reduces exposure to skimming devices and physical tampering.
10) Keep your banking app updated
Install updates immediately to ensure you have the latest security and protection patches.
Staying vigilant lowers your risk and reinforces best practices, even when attackers target financial institutions rather than individual customers.
Kurt’s priority is taking
Attacks on ATM jackpotting reveal something important. Even standard equipment can hide modern weaknesses. Most of us rarely think about the software that runs inside a cash machine. However, those systems rely on the same operating systems as home and office computers. If they fall behind on updates, hackers take notice. The FBI’s warning is no reason to panic. It’s a reminder that digital security affects almost every aspect of daily life, even the simple act of withdrawing cash.
How much trust do you put in the technology you use every day without seeing how it works? Let us know by writing to us at Cyberguy.com
CLICK HERE TO DOWNLOAD THE FOX NEWS PROGRAM
Sign up for my FREE CyberGuy report
Get my best tech tips, emergency security alerts, and special deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join CYBERGUY.COM newspaper
Copyright 2026 CyberGuy.com. All rights reserved.
