• A flash alert published on Thursday by the FBI warns of an increase in malware-enabled ATM jackpotting attacks in the United States.According to the agency, roughly 1,900 ATM jackpotting attacks have been reported since 2020, with more than 700 in 2025 alone. • The incidents recorded last year resulted in losses exceeding $20 million.ATM jackpotting attacks involve physical access to the targeted machine to plant malware that instructs its cash-dispensing module to eject currency.The US has cracked down on ATM jackpotting,prosecuting dozens of individualsfor various roles in such operations. • Many of the suspects targeted by the Justice Department in recent months areVenezuelannationals and they face deportation.US authorities suggest that multiple malware families are used in ATM jackpotting, but the most frequently named isPloutus.Ploutus has been around for more than a decade, but it hasn’t been in the news much since its peak in 2017 and 2018, until recently.Advertisement. • Scroll to continue reading.A map published last year by the Justice Department showing the locations of jackpotting incidents in the US suggested that Ploutus has remained active.The FBI’s latestalertconfirms that the malware is still widely used.“Once Ploutus is installed on an ATM, it gives threat actors direct control over the machine, allowing them to trigger cash withdrawals,” the FBI said. • “Ploutus attacks the ATM itself rather than customer accounts, enabling fast cash-out operations that can occur in minutes and are often difficult to detect until after the money is withdrawn.““The malware can be used across ATMs of different manufacturers with very little adjustment to the code as the Windows operating system is exploited during the compromise,” the law enforcement agency noted.The FBI’s alert provides indicators of compromise (IoCs) to help targeted organizations detect attacks, along with recommended mitigations.However, it’s worth noting that authorities previously mentioned that the

Article Summaries:

  • The FBI issued a flash alert on Thursday warning that U.S. ATMs have suffered a surge in malware‑enabled jackpotting attacks. Since 2020, roughly 1,900 incidents have been reported, with more than 700 occurring in 2025 alone, resulting in losses exceeding $20 million. The attacks involve physically compromising machines to install malware-most commonly the Ploutus family-that commandeers the cash‑dispensing module. The agency noted that Ploutus can operate across different manufacturers and deletes its own code to evade detection. U.S. authorities have prosecuted dozens of suspects, many Venezuelan nationals, and are offering indicators of compromise and mitigation guidance to banks.

Sources: