Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
In 2010, a well-known security researcher Barnaby Jack he was dramatically forced into an ATM cash machine on stage at a Black Hat security conference, forcing them to spit out bank notes in front of a stunned audience.
More than a decade later, ATM jackpotting – as it’s called – has been freed from high-profile security investigations into a major business in the criminal world.
According to a new security document issued by the FBI, hackers have increased their threats rapidly in recent years, with more than 700 attacks on financial institutions in 2025 alone, stealing at least $20 million.
According to the bulletinThe FBI says hackers are using a mix of physical ATM machines, such as generic keys to open front panels and access hard drives, and digital tools, such as planting malware that can force ATMs to quickly dispense cash.
The FBI warned that another malware, called Plutocovers the different types of ATM manufacturers and cash dispensers by looking at the Windows operating systems that power most ATMs. Ploutus gives hackers full control over a compromised ATM, allowing them to issue instructions that can trick the teller into issuing notes without taking money from the customer’s account.
Ploutus takes advantage of the financial services extension, or XFS software, that ATMs rely on to communicate with their various devices, such as PIN keypads, card readers, and the all-important cash dispensing system.
“Ploutus attacks the ATM itself instead of the customer’s accounts, resulting in quick transactions that last minutes and are often difficult to detect until the money is withdrawn,” according to the FBI news release.
Security researchers he already found problems with XFS software that can allow fraud to trick ATMs into issuing cash.
Changed the lead paragraph to change the date.
