A dramatic increase in ATM “jackpotting” incidents—in which thieves manipulate machines to vomit out large quantities of cash—across the United States has authorities alarmed. A group recently took out over $175,000 from a drive-thru automated teller machine in Fairfax County, Virginia.
Jackpotting, according to experts, is a hybrid cyber-physical crime in which criminals infiltrate an ATM with malware or a “black box” device to circumvent its security measures and let it issue cash without a card transaction. Over the course of several hours in the dead of night, machines used in the Virginia theft were frequently accessed. One particularly striking withdrawal was caught on security footage, which showed cash pouring out of the machine as a phone recorded the action.
Rapid-fire crimes of this kind are currently occurring in several jurisdictions. Older ATMs with less robust security are targeted in each instance, and the perpetrators frequently flee before banks or law enforcement can react. Financial institutions and retailers are being advised to strengthen physical locks, update firmware, and keep an eye out for any strange machine behavior right away.
The growing number of jackpotting events highlights a concerning trend: even in areas that are closely monitored, highly planned technological attacks are evolving into widespread physical cash robberies.