好的,我现在需要帮用户总结一篇文章的内容,控制在100个字以内。首先,我得仔细阅读这篇文章,了解其主要内容和重点。 文章标题是“FBI警告ATM抢劫案件激增,2025年损失2000万美元”。作者是Pierluigi Paganini,日期是2026年2月20日。内容主要讲的是FBI警告全美ATM抢劫案件激增,2025年损失超过2000万美元,自2020年以来报告了1900起事件。文章还提到使用恶意软件如Ploutus来控制ATM机,犯罪分子通过物理接触ATM机安装恶意软件,利用Windows系统的漏洞。此外,提到了Ploutus-D变种及其潜在影响。 接下来,我需要提取关键信息:FBI警告、ATM抢劫激增、损失金额、时间范围、恶意软件名称及其影响范围。同时,要确保总结简洁明了,不超过100字,并且不使用“文章内容总结”之类的开头。 可能会这样组织语言:FBI警告全美ATM抢劫激增,2025年损失超2千万美元。自2020年以来报告1900起事件。犯罪分子利用恶意软件如Ploutus控制ATM机,在80个国家影响多品牌设备。 检查字数是否符合要求,并确保信息准确无误。 </think> FBI警告全美ATM抢劫激增,2025年损失超$2千万。自2020年以来报告1900起事件。犯罪分子利用恶意软件如Ploutus控制ATM,在80个国家影响多品牌设备。 2026-2-20 09:27:55 Author: securityaffairs.com(查看原文) 阅读量:0 收藏
FBI warns of surge in ATM Jackpotting, $20 Million lost in 2025
Pierluigi Paganini
February 20, 2026
The FBI warns ATM jackpotting is rising nationwide, with over $20 million lost in 2025 and 1,900 incidents reported since 2020.
The FBI has warned of a sharp rise in ATM jackpotting attacks across the U.S., with losses exceeding $20 million in 2025 alone. Since 2020, about 1,900 incidents have been reported, including 700 last year. According to the Department of Justice (DoJ), total losses tied to jackpotting have reached roughly $40.7 million since 2021.
“The Federal Bureau of Investigation (FBI) is releasing this FLASH to disseminate indicators of compromise (IOCs) and technical details associated with malware enabled ATM jackpotting.” reads the FLASH alert published by the FBI. “Threat actors exploit physical and software vulnerabilities in ATMs and deploy malware to dispense cash without a legitimate transaction.”
Criminals are deploying ATM jackpotting malware such as Ploutus to force cash machines to dispense money without authorization. The malware targets the eXtensions for Financial Services (XFS) layer, which controls ATM hardware. By sending rogue commands directly to XFS, attackers bypass bank approval and trigger withdrawals without cards or accounts. Once installed, Ploutus gives full control of the ATM, enabling fast cash-outs in minutes.
To infect machines, attackers usually gain physical access, open the cabinet with generic keys, and either copy malware onto the hard drive or replace it with a preloaded one. Exploiting Windows systems, the malware works across different ATM brands with minimal changes.
The Flash alert includes Indicators of Compromise (IOCs) for these attacks.
The jackpotting technique was first proposed by white-hat hacker Barnaby Jack in 2010.
Ploutus is one of the most sophisticated ATM malware that was first discovered in Mexico back in 2013. The malicious code allows crooks to steal cash from ATMs using either an external keyboard attached to the machine or by sending SMS messages.
In January 2018, experts at FireEye Labs discovered a new version of the Ploutus ATM malware, the so-called Ploutus-D, that works on the KAL’s Kalignite multivendor ATM platform.
The experts observed the Ploutus-D in attacks against ATM of the vendor Diebold, but the most worrisome aspect of the story is that minor changes to the malware code could allow Ploutus-D to target a wide range of ATM vendors in 80 countries.
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, ATM jackpotting)
如有侵权请联系:admin#unsafe.sh