Thieves stole over $20 million from compromised ATMs last year using ATM jackpotting, a malware-assisted technique that forces machines to dispense cash without bank authorization. The FBI warns of more than 1,900 incidents since 2020 (700+ in 2025), noting Ploutus exploits the XFS API and listing digital and physical indicators for detection. #Ploutus #ATMs
Keypoints
- ATM jackpotting forces ATMs to dispense cash on demand without bank approval.
- Over $20 million was stolen and more than 1,900 incidents have been reported since 2020.
- Attackers often use generic keys to access ATM faces and replace or infect hard drives.
- Ploutus malware abuses the XFS API to bypass banking authorization and send dispense commands.
- The FBI alert lists Windows executables and physical signs like removed drives and unauthorized USB devices as indicators.
Read More: https://www.theregister.com/2026/02/19/crims_atm_jackpotting/