FBI Warns Nearly 1,900 Malware ATM 'Jackpotting' Attacks Since 2020
The FBI has issued a cybersecurity alert to U.S. financial institutions warning of a surge in ATM 'jackpotting' incidents, in which criminals install malware that forces machines to dispense cash on command without a valid card or account. According to the alert, nearly 1,900 such attacks have been reported since 2020, with more than one‑third occurring in just the last year and losses in 2025 already topping $20 million. The article details how attackers often use generic keys to open ATM service panels, remove and infect or swap the storage drive, and deploy malware like the Ploutus family that exploits common XFS software interfaces while many machines still run outdated Windows systems such as Windows 7. The FBI is urging banks to monitor for unauthorized files, disable USB ports, upgrade physical locks and add alarms, but acknowledges that retrofitting hundreds of thousands of ATMs nationwide will take time, leaving laggards exposed. While account holders are not usually on the hook for these direct losses, experts note that large‑scale criminal drains on ATM networks ultimately feed into higher costs and fees across the banking system.
📌 Key Facts
- The FBI has issued a new cybersecurity alert about rising ATM 'jackpotting' malware attacks in the U.S.
- Nearly 1,900 jackpotting incidents have been reported since 2020, with more than one‑third occurring in the last year.
- Losses from these attacks in 2025 alone have already exceeded $20 million.
- Attackers commonly use generic keys to open ATM cabinets, swap or infect storage drives, and deploy malware such as Ploutus that abuses XFS software to make machines dispense cash without contacting the bank.
- Many U.S. ATMs still run outdated Windows operating systems, which the FBI says create widespread exploitable vulnerabilities across brands and networks.
📊 Relevant Data
87 individuals, many of whom are Venezuelan and Colombian nationals including illegal aliens, have been charged in an international ATM jackpotting scheme linked to the Tren de Aragua gang, with operations spanning multiple U.S. states and resulting in millions in losses.
Investigation into International “ATM Jackpotting” Scheme and Tren de Aragua Results in Additional Charges — U.S. Department of Justice
The Venezuelan immigrant population in the United States has grown from approximately 256,000 in 2010 to over 545,000 by 2023, driven primarily by economic and political instability in Venezuela since 2015, including hyperinflation, shortages, and human rights abuses under the Maduro regime.
Venezuelan Immigrants in the United States — Migration Policy Institute
U.S. immigration policies, including the designation of Temporary Protected Status (TPS) for Venezuelans in 2021 (extended in 2023), have facilitated legal stays for hundreds of thousands fleeing Venezuela, with over 343,000 eligible for TPS by 2023.
Explainer: Venezuelan Migration Policy in the Americas — Americas Society/Council of the Americas
📰 Source Timeline (1)
Follow how coverage of this story developed over time