U.S. ATM jackpotting cash-out wave
Exploitation Wave
Summary
Hide ▲
Show ▼
ATM jackpotting is intensifying across the U.S., with 1,900 incidents since 2020 and more than $20 million lost in 2025. The wave shows attackers repeatedly compromising cash machines for fast, unauthorized cash-outs rather than isolated fraud. The abuse relies on physical access, specialized malware such as Ploutus, and commands sent through XFS on Windows-based ATMs. The scale and speed of the thefts make exposed machines a continuing high-risk target.
Related Happenings
FBI courier-assisted crypto scam warning
Advisory/Mitigation
H score32
First: 16.06.2026 11:15
Last: 16.06.2026 11:15
Sources 1
About this happening:
The **FBI** has renewed warnings about **cryptocurrency investment scams** that use **couriers and cash pickups** to bypass bank checks and keep victims sending money. The advisor...
FBI courier-assisted crypto scam warning
Advisory/MitigationAbout this happening: The **FBI** has renewed warnings about **cryptocurrency investment scams** that use **couriers and cash pickups** to bypass bank checks and keep victims sending money. The advisor...
U.S. consumers saw a surge in crypto ATM scam losses in 2025
Trend
H score32
First: 19.05.2026 22:45
Last: 19.05.2026 22:45
Sources 1
About this happening:
Law-enforcement complaint data shows **crypto ATM/cryptocurrency kiosk scams** drove sharply higher losses across **U.S. consumers** in **2025**, increasing the risk of large, irr...
U.S. consumers saw a surge in crypto ATM scam losses in 2025
TrendAbout this happening: Law-enforcement complaint data shows **crypto ATM/cryptocurrency kiosk scams** drove sharply higher losses across **U.S. consumers** in **2025**, increasing the risk of large, irr...
Minnesota statewide crypto kiosk ban
Public Sector Action
H score29
First: 19.05.2026 22:45
Last: 19.05.2026 22:45
Sources 1
About this happening:
Earlier this month, **Minnesota lawmakers** **banned cryptocurrency kiosks statewide**, tightening access to a payment channel commonly used in **crypto ATM scams**. The restricti...
Minnesota statewide crypto kiosk ban
Public Sector ActionAbout this happening: Earlier this month, **Minnesota lawmakers** **banned cryptocurrency kiosks statewide**, tightening access to a payment channel commonly used in **crypto ATM scams**. The restricti...
Tren de Aragua members charged in ATM jackpotting case
Law Enforcement
H score27
First: 20.02.2026 12:08
Last: 20.02.2026 12:08
Sources 1
About this happening:
The U.S. Department of Justice charged **87 Tren de Aragua members** over the past **six months** in a case tied to **ATM jackpotting** and **Ploutus malware**. The charging actio...
Tren de Aragua members charged in ATM jackpotting case
Law EnforcementAbout this happening: The U.S. Department of Justice charged **87 Tren de Aragua members** over the past **six months** in a case tied to **ATM jackpotting** and **Ploutus malware**. The charging actio...
FBI ATM jackpotting mitigation guidance
Advisory/Mitigation
H score27
First: 20.02.2026 10:05
Last: 20.02.2026 10:05
Sources 1
How related:
The agency has outlined a long list of recommendations that organizations can adopt to mitigate jackpotting risks.
About this happening:
The **FBI** has issued mitigation guidance for **ATM jackpotting**, aiming to reduce cash-out risk across deployed **ATM devices**. The recommendations focus on **physical securit...
FBI ATM jackpotting mitigation guidance
Advisory/MitigationHow related: The agency has outlined a long list of recommendations that organizations can adopt to mitigate jackpotting risks.
About this happening: The **FBI** has issued mitigation guidance for **ATM jackpotting**, aiming to reduce cash-out risk across deployed **ATM devices**. The recommendations focus on **physical securit...
Timeline
-
20.02.2026 10:05 3 articles · 4mo ago
FBI warns of rising ATM jackpotting across the U.S.
Initial DisclosureThe FBI warned U.S. ATM operators and financial institutions about a rise in ATM jackpotting, citing more than $20 million in losses during 2025, 1,900 reported incidents since 2020, and 700 incidents in the prior year. The bulletin said threat actors exploit physical and software vulnerabilities in ATMs, use malware such as Ploutus to force cash dispensing without a legitimate transaction, and recommended physical hardening, device audits, default-credential changes, automatic shutdown on compromise indicators, device allowlisting, and logging.
Show sources
- FBI Reports 1,900 ATM Jackpotting Incidents Since 2020, $20M Lost in 2025 — thehackernews.com — 20.02.2026 10:05
- FBI Reports 1,900 ATM Jackpotting Incidents Since 2020, $20M Lost in 2025 — thehackernews.com — 20.02.2026 10:05
- Jackpotting Surge Costs Banks Over $20m, Warns FBI — www.infosecurity-magazine.com — 23.02.2026 12:30