https://www.cyber.nj.gov/threat-landscape/malware/atm-malware
ATM malware is malicious software designed to compromise automated teller machines (ATMs) by exploiting vulnerabilities in the machine's hardware or software.
https://www.kaspersky.com/resource-center/threats/tyupkin-malware-atm-security-malware
Tyupkin is a piece of malware that allows cyber criminals to empty cash machines via direct manipulation.
https://www.in.gov/cybersecurity/blog/posts/cybercriminals-aiming-for-different-kind-of-jackpot-with-your-atms/
Sep 25, 2024 — “jackpotting” is a term that's being used to describe the means by which an attacker can get an ATM machine to dispense cash outside of its normal legitimate
https://www.malwarebytes.com/blog/news/2025/11/android-malware-steals-your-card-details-and-pin-to-make-instant-atm-withdrawals
Nov 6, 2025 — Forget card skimmers—this Android malware uses your phone's NFC to help criminals pull cash straight from ATMs.
https://www.abais.com/blogs/detail/blog/2024/10/29/atm-jackpotting-attacks-have-increased
Oct 29, 2024 — Criminals are using master keys and endoscopes to get into ATMs. ATM attacks have been rampant since 2018 and are showing no signs of letting up.
https://www.tietoevry.com/en/blog/2024/05/software-attacks-on-atms-are-rising-heres-how-to-stop-them/
As losses from software attacks rise, ATM operators should seek wide-ranging protection.
https://www.europol.europa.eu/sites/default/files/documents/public_-_cashing_in_on_atm_malware.pdf
We can gather that the use of ATM malware is becoming more commonplace, with cybercriminals constantly improving their attack methods in hopes of remaining ...
https://www.crowdstrike.com/en-us/blog/ploutus-atm-malware-deobfuscation-case-study/
Nov 10, 2021 — Ploutus malware protects its code with a commercial obfuscator named .NET Reactor. We demonstrate how to build a deobfuscator to combat this ...
https://sepiocyber.com/resources/whitepapers/atm-jackpotting/
Learn about ATM cyber attacks, including jackpotting and rogue devices. Discover how to protect your ATMs with Sepio's security solutions.
https://www.proofpoint.com/us/threat-insight/post/Meet-GreenDispenser
Sep 24, 2015 — GreenDispenser provides an attacker the ability to walk up to an infected ATM and drain its cash vault.Read more
https://www.atmmarketplace.com/resources/malware-in-atms-exploring-cyber-threats-and-key-characteristics/
Nov 3, 2025 — ATM malware poses a persistent and evolving threat to financial institutions worldwide, exploiting vulnerabilities in critical devices to ...
https://cloud.google.com/blog/topics/threat-intelligence/new-ploutus-variant/
Jan 11, 2017 — It is configured to control Diebold ATMs. It has a different GUI interface. It comes with a Launcher that attempts to identify and kill security ...
https://www.foxnews.com/tech/how-android-malware-lets-thieves-access-your-atm-cash
Nov 25, 2025 — Polish security researchers discovered NGate malware that steals NFC payment codes from Android phones, allowing criminals to withdraw money ...
https://www.association-secure-transactions.eu/industry-information/countermeasures-against-atm-malware-and-black-box-attacks/
Countermeasures to protect against Black Box and Malware attacks on ATMs prepared by the EAST Expert Group on All Terminal Fraud (EGAF).
https://www.wired.com/story/atm-hacking-winpot-jackpotting-game/
Feb 20, 2019 — A strain of ATM malware called WinPot turns the act of cashing out into something like a slot machine.
https://www.security.com/threat-intelligence/fastcash-lazarus-atm-malware
Nov 8, 2018 — Hidden Cobra (the US government's code name for Lazarus) has been conducting “FASTCash” attacks, stealing money from Automated Teller Machines (ATMs) from ...
https://www.cyber.nj.gov/threat-landscape/malware/atm-malware/ploutus
The Ploutus ATM malware family, first detected in 2013 by Symantec as Backdoor.Ploutus, allows attackers to withdraw cash from an ATM machine on command.
https://www.broadcom.com/support/security-center/protection-bulletin/fixs-the-atm-malware
Mar 15, 2023 — FiXS is a new ATM malware variant observed being used in campaigns in Mexico. According to recent reports, FiXS malware arrives embedded within the Neshta ( ...
https://blogs.cisco.com/security/talos/10-years-of-virtual-dynamite-a-high-level-retrospective-of-atm-malware
May 30, 2019 — It has been 10 years since the discovery of Skimer, first malware specifically designed to attack automated teller machines (ATMs).
https://papers.ssrn.com/sol3/papers.cfm?abstract_id=4430813
by A Kapoor · 2023 — Cybercriminals, in their ceaseless attempt to rake in profits, have found another way to target ATMs: via the bank's network.