According to the FBI, since 2020, the agency has recorded approximately 1,900 attacks targeting ATMs across the United States. Even more concerning, over 700 incidents occurred last year alone, accounting for more than one-third of the total over the past six years. This surge in attacks has resulted in banks and financial institutions losing over $20 million in cash.
This type of attack is called "jackpotting" by security experts – a sophisticated tactic combining physical manipulation and the use of malware. The unique aspect of this type of crime is that it doesn't target bank accounts or steal people's data. Instead, it directly attacks the hardware and operating software of the ATM itself to "empty" the cash inside. It usually begins with a direct intrusion, when the perpetrators use master keys to open the protective cover of the ATM.
After gaining access to the internal systems, attackers directly interfere with the machine's hard drive. They can remove the existing hard drive, connect it to a personal computer to copy malware onto it, and then reassemble it to restart the machine. Another, quicker method is to completely replace it with a new hard drive or external device that has already been pre-installed with malware. Among the tools used, the malware called Ploutus is the most common and dangerous because it directly attacks the software layer that controls the physical operation of the ATM.
In a normal transaction, an ATM must send data to the central banking system for verification before dispensing money. However, when infected with malware, this machine becomes completely undetectable. Criminals gain full control, ordering the machine to continuously dispense cash until it runs out, without requiring permission from the bank or the use of any ATM card or account. The entire process of stealing money takes only a few short minutes, making it extremely difficult for authorities to detect until the criminals have escaped with the large sum of money.
Investigators added that the majority of these incidents involved organized crime groups. The malware was designed to attack many different ATM models from various brands without requiring significant modifications, allowing for widespread attacks. Recently, US authorities have also prosecuted dozens of individuals belonging to transnational criminal organizations for their involvement in this series of attacks.
The FBI advises financial institutions to urgently upgrade their security systems and increase surveillance at ATM locations. Simultaneously, employees should pay close attention to any unusual physical signs such as unauthorized opening of ATM doors, the insertion of foreign devices, sudden technical malfunctions, or machines reporting an empty cash cycle outside of scheduled times, in order to prevent potential losses.
Source: https://baophapluat.vn/fbi-canh-bao-hang-loat-tru-atm-bi-tan-cong-jackpotting.html
![[Photo] Delegation attending the 14th Congress of the Vietnam Trade Union visits the Mausoleum of President Ho Chi Minh.](https://vphoto.vietnam.vn/thumb/1200x675/vietnam/resource/IMAGE/2026/06/03/1780451842301_ndo_br_img-3824-jpg.webp)
Comment (0)