FBI says ATM 'jackpotting' attacks are on the rise, and netting hackers millions in stolen cash | TechCrunch
TechCrunch
by Zack WhittakerFebruary 19, 2026
AI-Generated Deep Dive Summary
The FBI has reported a significant rise in ATM 'jackpotting' attacks, where hackers manipulate ATMs to dispense cash rapidly. These attacks have evolved from experimental hacks into a major criminal activity, with over 700 incidents reported in 2025 alone, resulting in millions of dollars stolen. The primary tool behind these attacks is the Ploutus malware, which targets ATMs running on outdated Windows operating systems and exploits vulnerabilities in their communication software.
Ploutus enables hackers to gain full control over compromised ATMs, allowing them to dispense cash quickly without accessing customer accounts. This method often goes undetected until after the money has been stolen, making it particularly effective for criminals. The malware specifically targets extensions for financial services (XFS) software, which ATMs use to communicate with hardware components like PIN keypads and card readers.
The rise of these attacks highlights critical security flaws in ATM systems, many of which rely on outdated technologies. While Barnaby Jack's pioneering work in 2010 demonstrated the potential for such hacks, today’s criminals have weaponized similar techniques to exploit weaknesses in real-world banking infrastructure. This underscores the urgent need for improved cybersecurity measures in financial systems.
This trend matters significantly to tech enthusiasts and security professionals, as it exposes vulnerabilities in widely used technologies and raises concerns about the safety of financial transactions. The increasing sophistication of cyberattacks targeting physical infrastructure like ATMs underscores the importance of proactive cybersecurity strategies to protect both businesses and consumers.
Verticals
techstartups
Originally published on TechCrunch on 2/19/2026