How hackers are stealing millions from ATMs, FBI warns

The FBI warned that hackers are successfully stealing millions from ATMs — and the attacks are becoming more frequent.

The FBI warned that the increase in ATM jackpotting — which is exactly what it sounds like — is a result of both physical methods for theft as well as digital malware.

Wrote the FBI in a bulletin:

"Threat actors exploit physical and software vulnerabilities in ATMs and deploy malware to dispense cash without a legitimate transaction. The FBI has observed an increase in ATM jackpotting incidents across the United States. Out of 1,900 ATM jackpotting incidents reported since 2020, over 700 of them with more than $20 million in losses occurred in 2025 alone."

One form of malware, in particular, allows hackers to gain total control over an ATM, making the jackpotting reliably simple. Thankfully for regular people, the malware called "Ploutus" doesn't give hackers access to accounts but rather the machine itself.

"Once Ploutus is installed on an ATM, it gives threat actors direct control over the machine, allowing them to trigger cash withdrawals," wrote the FBI. "Ploutus attacks the ATM itself rather than customer accounts, enabling fast cash-out operations that can occur in minutes and are often difficult to detect until after the money is withdrawn."

Ploutus takes advantage of software that ATMs use to communicate with financial institutions, TechCrunch noted.