You still have to get access to some kind of port to transfer the Malware onto the machine, so how are you going to do that if the access ports are locked up inside the machine? By terminal you mean, some kind of command prompt right? So he hacks into the command prompt and launch a script located on a website to redirect coins to his/her Bitcoin address or to launch the Malware?
Ok, that makes sense, but that would need some pretty good knowledge of the software that are being used on these ATMs.
As per Youtube videos, There are special commands to access the command line/terminal on these ATMs but I believe it isn't that easy tho. There is indeed some sort of social engineering required, you may ask why? ATMs are usually behind strong firewalls and they are only allowed to communicate with a specific server, So even if they get access to the command line/Terminal they won't be able to download the malware. Unless they have discovered a way to bypass Firewalls of these ATMs which I doubt strongly. They are at square one without social Engineering.