Employees at U.S. Bancorp in Minneapolis, Minnesota, are being investigated for assisting Somali and Venezuelan criminal enterprises to steal millions from banking ATMs across the nation, using malware named Ploutus, one of the most advanced and profitable families of ATM malware ever discovered, notable for its modular architecture, deep hardware interaction, and the level of insider cooperation often required for successful deployment. Each compromised ATM can yield $20k–$200k per operation, meaning a small 10-person ring can empty millions of dollars’ worth of cash overnight. And because many ATMs still run Windows 7 Embedded or XP, updating is nontrivial—banks depend on vendor-proprietary runtimes. That systemic rot is the real story here; Ploutus just revealed how fragile the entire ATM infrastructure remains. Banks underreport jackpotting for fear of losing public confidence.