Police in Virginia are seeking the public’s help in identifying a team of criminals who’ve been “jackpotting” local ATMs.
According to the Fairfax County Police Department, “jackpotting” is a crime where criminals hijack an ATM’s security system and force it to dispense large quantities of cash.
“This is accomplished by installing malware or a ‘black box’ device to override the machine’s security, which can be done through physical access, such as a USB drive, or by intercepting communications between the ATM and its network,” the department noted in a press release.
Detectives Ask for the Public’s Help Identifying ATM Jackpotting Suspects. Full story here ➡️https://t.co/ofcTRLyp9I pic.twitter.com/9M0XFc2K1r
— Fairfax County Police (@FairfaxCountyPD) November 17, 2025
The local “jackpotting” crime spree began on Oct. 3, when a perpetrator approached a Fairfax County ATM and used a key to open the machine and do something – it’s not clear what.
“The same individual returned on October 4, 2025, at 12:28 a.m., driving a late-model blue Jeep, and again opened the ATM,” according to the police’s press release. “Around 1:15 a.m., two suspects, including the original individual, arrived in the same Jeep and accessed the machine for about 15 minutes while appearing to record it with their phones.”
“At 2:00 a.m., an unmasked suspect in the same Jeep began withdrawing cash without inserting a card or touching the ATM. He held a phone toward the machine while removing cash, left briefly, and returned at 2:09 a.m., remaining until 2:44 a.m. as withdrawals continued,” the press release notes.
The suspects wound up stealing $175,000 from this ATM alone.
Fairfax County Police are searching for two men after $175,000 was stolen from Apple Federal Credit Union via an emerging scheme known as “ATM jackpotting.”
The theft unfolded over several hours across the night of October 3rd and early morning of October 4th at a drive-up ATM… pic.twitter.com/COgLqlcWND
— The DC MD VA Live (@TheDMVLive) November 17, 2025
They aren’t the first criminals to engage in “jackpotting.”
In 2022, the U.S. Secret Service announced a noticeable uptick “in both ATM successful and unsuccessful jackpotting attempts.”
“The Secret Service has recently seen traditional malware, black box, and man-in-the-middle (MiTM) attacks on ATMs in Utah, Minnesota, Texas, Colorado, Idaho, Maryland, Georgia, South Carolina, North Carolina, Tennessee, California, Pennsylvania, Oregon, Washington, and New York,” the agency announced at the time in an alert.
“These incidents have occurred across multiple ATM manufacturer brands and are believed to have been perpetrated by at least seven different criminal groups,” the alert continued.
The suspects in these cases were spotted “opening and accessing the ATMs using magnets and generic keys designed to unlock an ATM’s exterior.”
According to the Indiana Cybersecurity Hub, “jackpotting” first started appearing in the U.S. in 2018 after years of being common in Central and South America — where last year six Venezuelan nationals were indicted after they “jackpotted” $400,000 from four ATMs in New York.
Six Men Indicted in Connection with “ATM Jackpotting” Conspiracy https://t.co/pXbXfKpC28
— U.S. Attorney NDNY (@NDNYnews) October 4, 2024
The Hub has offered banks tips on how to prevent themselves from becoming the victims of “jackpotting”:
- Secure the whole ATM, not just the vault.
- Disable the ATM’s USB ports when not in use.
- Run “advanced anti-malware” on the ATM’s computer system.
- Whitelist safe software applications.
- Use only the highest-level encryption technology.
- Enable “unique image bonding” and “high level dispenser settings.”
- Use full disk encryption on the ATM’s hard drive.
The first-ever large-scale “jackpotting” operation was conducted in 2023 by a large group of hackers in Mexico, according to PCBB: Correspondent Banking Services.
“This cyber heist involved infecting more than 450 ATMs with Ploutus ATM malware, which caused the machines to spit out enormous piles of cash,” the outlet notes.
Later that same year, a crime gang known as Carbanak “remotely forced a large ATM network to dispense cash to money mules and rewired bank systems to transfer money into accounts they controlled.”
Over the course of five years, the gang successfully pilfered $1.07 billion from over 100 banks.
Writers and editors can be contacted at [email protected] with feedback, tips, or corrections.
V. Saxena is a staff writer with a decade of experience as a professional writer, and a lifetime of experience as an avid news junkie. He holds a degree in computer technology from Purdue University. Saxena also contributes to BizPac Review.
- Vet working at Detroit grocery store can ‘retire with dignity’ after $1.8M in donations - December 6, 2025
- Booze-infused illegal immigrant with history of DUIs charged with killing girl, 8, in San Diego - December 6, 2025
- Watch: Coast Guard seizes massive cocaine haul after sniper takes out narco-boat engines - December 6, 2025
Comment
We have no tolerance for comments containing violence, racism, profanity, vulgarity, doxing, or discourteous behavior. If a comment is spam, instead of replying to it please click the ∨ icon below and to the right of that comment. Thank you for partnering with us to maintain fruitful conversation.