In 2010, renowned security researcher Barnaby Jack successfully hacked an ATM automated teller machine on stage at the Black Hat security conference, causing it to spit out a large amount of banknotes in front of an awed audience.
More than a decade later, ATM jackpots (so-called jackpots) have moved out of the realm of theoretical security research and into the corporate world of crime.
Hackers have rapidly stepped up their attacks in recent years, with at least $20 million in cash stolen in more than 700 attacks on cash machines in 2025 alone, according to a new security bulletin issued by the FBI.
According to the bulletin, the FBI says hackers are using a combination of physical access to ATM machines, such as a universal key to unlock the front panel and access the hard drive, and digital tools, such as planting malware that forces the ATM to withdraw cash instantly.
The FBI has warned that a particular piece of malware known as Ploutus affects a variety of ATM manufacturers and cash machines by targeting the underlying Windows operating system that powers many ATMs. Ploutus gives hackers complete control of compromised ATMs and allows them to issue instructions that can trick dispensers into dispensing notes without withdrawing funds from customer accounts.
Ploutus utilizes extensions for financial services (XFS software). ATMs rely on this software to communicate with various other hardware components, such as PIN keypads, card readers, and the all-important cash dispensing unit.
According to an FBI bulletin, “Ploutus attacks the ATM itself rather than the customer’s account, enabling high-speed cash withdrawal operations that can be performed in minutes but are often difficult to detect until the money is withdrawn.”
Security researchers previously discovered an issue with XFS software that allowed hackers to trick ATMs into withdrawing cash.
Updated lead paragraph to correct date.
Source link
