Renewed wave of ATM “jackpotting” attacks

04 Mar 2026

Renewed wave of ATM “jackpotting” attacks

Banks are facing a renewed wave of ATM “jackpotting” incidents in which attackers install malware to force machines to dispense cash without legitimate user interaction or bank authorisation. 

These attacks often begin with physical access to maintenance panels and the use of malicious software to override the normal transaction controls, exploiting vulnerabilities such as the absence of disk encryption and the lack of TLS encryption during data transmission. Such incident underlines an evolving threat landscape targeting ATMs and underscores the importance of strong device security, encryption and continuous monitoring. Successful logical attacks continue to occur where gaps in the security posture remain.

Why gaps exist?

  • Complacency in security practices.
  • Conscious decisions to forgo implementing available solutions.
  • Misconceptions that certain solutions provide greater protection than they actually deliver.
  • Deployment of only partial protections instead of comprehensive security measures.

How to close the gap?

  • Stay informed about attack types and emerging trends.
  • Implement a comprehensive suite of security protections.
  • Keep protections up to date and properly configured.

As part of an effective defence strategy, BIRGER. recommends banks to:

  • reinforce physical and digital safeguards to limit opportunities for unauthorised access, including the implementation of:
    • communications encryption through TLS 1.2 with certificate pinning 
    • disk encryption solution to protect sensitive data and device integrity.
  • conduct regular security audits and device assessments to identify and remediate vulnerabilities.
  • monitor ATM systems for abnormal or suspicious behaviour to detect potential compromise early.
  • adopt proactive security strategies and layered protection measures that address both physical and logical threats.
  • align security practices with recognised industry standards to maintain robust and compliant security frameworks.

These measures will help mitigating risks associated with malware-based attacks and enhance Operational Resiliency. A proactive and risk-informed approach remains essential to safeguarding customer assets and maintaining trust in ATMs.

For more information on this topic and our Technology Solutions & Services, please contact us by mail at technology@birger.technology.

Regards,
 

BIRGER.

You may also like

17 Aug 2016

BIRGER. se positionne comme prestataire régional

Le partenariat entre la société mauricienne BIRGER. et Symantec, firme qui propose des solutions pour contrer les risques associés à la cybercriminalité à l’international, devrait être payant.

Read More

28 Oct 2024

See Yourself in Cyber Security with BIRGER.

Cyber Security is everyone’s responsibility: protect yourself from evolving threats.

Read More

01 Aug 2018

Mauritius is strengthening its National Cyber Resiliency Posture

The Ministry of Technology, Communication and Information of Mauritius (MTCI) has taken various initiatives to strengthen the country's Cyber Resiliency posture.

Read More