**ATM Jackpotting Attacks Surge Across the US: What's Behind the Rise?**

In recent years, there has been an alarming surge in ATM jackpotting attacks across the United States. These incidents, also known as "cash machine" or "cardless" attacks, involve hackers using malware to force ATMs to dispense cash without a card being inserted. The FBI has issued a cybersecurity alert warning financial institutions of this growing threat.

According to recent reports, nearly 1,900 ATM jackpotting attacks have been reported since 2020, with losses topping $20 million in 2025 alone. But what's behind this sudden rise in attacks? And how can you protect yourself when using ATMs?

**How Jackpotting Attacks Work**

Jackpotting attacks typically involve hackers using malware to take control of an ATM's software. This is often achieved by removing the storage drive and loading malicious code onto it or swapping it with a compromised one. Once the malware is activated, it sends its own commands to the machine, overriding bank controls and triggering unauthorized cash withdrawals.

One of the most widely used tools in these attacks is a malware strain called Ploutus, which targets software known as XFS (eXtended Financial Services). This software is commonly used by ATMs to communicate with bank networks and authorize transactions. By exploiting vulnerabilities in this software, hackers can bypass security measures and force the ATM to dispense cash without a card.

**Why Are So Many ATMs Vulnerable?**

Many ATMs run on aging versions of Windows, which creates opportunity for attackers to exploit known vulnerabilities in these systems. In some cases, ATMs have even displayed Windows 7 login screens, which was released in 2009 and officially discontinued years ago. This lack of updates leaves ATMs vulnerable to attacks.

**What Banks Are Being Told to Do**

The FBI has outlined several defensive steps for financial institutions to protect themselves from these attacks:

* Regularly update and patch software * Implement robust security measures, such as encryption and secure protocols * Monitor for suspicious activity and have incident response plans in place

However, rolling out these fixes nationwide will take time. In the meantime, attackers continue to look for weak targets.

**How to Protect Yourself When Using ATMs**

While ATM jackpotting attacks primarily target banks, you can still take smart steps to protect yourself when using cash machines:

* Use ATMs in well-lit, secure locations * Avoid late-night or isolated ATMs * Watch for unusual ATM behavior and report any issues to the bank * Look for signs of tampering and use a different machine if you suspect something is off * Cover your keypad when entering your PIN * Set up real-time transaction alerts * Check your bank statements regularly * Use contactless or in-app ATM withdrawals

Staying alert lowers your risk and reinforces good habits, even when attackers are targeting financial institutions rather than individual customers.

**Conclusion**

ATM jackpotting attacks may seem like a bank problem, but the ripple effect can impact everyday consumers. By understanding how these attacks work and taking steps to protect yourself, you can minimize your risk of being affected by this growing threat. As digital security continues to evolve, it's essential to stay informed and take proactive measures to safeguard your finances.

**Sources:**

* FBI Cybersecurity Alert * SonicWall Managed Services * Fox News