According to the Federal Bureau of Investigation (FBI), 2025 saw a sharp rise in Automated Teller Machine (ATM) jackpotting. This particular type of fraud targets ATMs rather than customer accounts. Malware is installed discreetly on the machines, which allows criminals to withdraw cash en masse. This causes criminals to drain funds that the bank has put inside the machine for withdrawal.
Official data states that at least 700 such cases had been reported in the previous year. This has been flagged as a concerning rise in organized financial cybercrime. Since 2020, as stated in the FBI report, criminals have managed to siphon at least $20 million using this tactic. As much as $12 million was reportedly extracted in 2025 alone.
🚨The FBI has issued an alarming report on the rise of ATM jackpotting by illegal aliens from the Venezuelan gang Tren de Aragua. Since Biden and the Democrats allowed them into the U.S., there have been over 1,900 robberies, resulting in over $20 million lost in just 2025 alone. pic.twitter.com/15qV0HdcPf
— Dapper Detective (@Dapper_Det) February 21, 2026
This indicates that the users of the scheme are rapidly expanding their operations. The European Association for Secure Transactions has also flagged jackpotting as an upcoming and fast-growing threat. Between 2019 and 2020 alone, it saw a 269 percent increase in the scheme being employed for fraud.
ATM jackpotting sees criminals install malicious software in the ATM. This causes the ATM to dispense cash without permission from the bank. Often, these machines are emptied without the knowledge of the bank.
This type of attack requires access to the ATM directly. The malware that is installed in the system can also infect ATMs in the same network. The malware is either installed on the hard drive of the computer, or the hard drive itself is replaced with a bugged one.
The FBI released an advisory on malware being used for ATM jackpotting, which manipulates ATMs to dispense cash without a legitimate transaction. This type of crime caused $20 million in losses in 2025 alone.
Learn about digital and physical indicators of ATM jackpotting, along… pic.twitter.com/O54PDJJL5Q
— FBI Cyber Division (@FBICyberDiv) February 19, 2026
One of the most versatile and common common types of malware used for this is called Ploutus. This is a strain of digital virus that is specifically designed to target ATMs. Ploutus allows criminals to access the machine with remote devices.
This means that the cash inside the machine can be dispensed using external devices or remote commands, stopping and starting the flow of money at will. This, as mentioned above, targets the ATM itself, as opposed to the accounts of customers that might be clients of the bank.
The FBI has pointed out that such threats are only going to get more sophisticated. The bureau has urged banks to update software security and also invest in physical safeguards regularly. While CCTVs are present in all remote ATM locations, these are not deterrents that are sophisticated enough to track criminals.
As banking and finance become more sophisticated, it is becoming more and more important to focus on cybersecurity as well. Timely updates and regular checks for physical and virtual safeguards can defend against such crimes.
