US Charges 31 More Defendants in Massive ATM Hacking Probe

"The US Justice Department has announced charges against an additional 31 individuals accused of being involved in a massive ATM jackpotting scheme that resulted in the theft of millions of dollars. The latest round of charges brings the total number of individuals targeted in this ATM hacking probe to 87. The suspects are mostly Venezuelan nationals, including members of the Tren de Aragua crime syndicate, but Colombian nationals have also been targeted in the new indictment."
"According to the DoJ, the criminal network used the Ploutus malware to bypass security systems and issue unauthorized commands to an ATM's cash dispensing module, forcing the machine to eject currency. Deployment of the malware involved physical tampering, where operators gained internal access to either swap the machine's hard drive with a pre-loaded version or infect it via an external USB device."
"The Ploutus malware has been around for more than a decade, and while it hasn't been in the news much since its peak in 2017 and 2018, it hasn't disappeared. Public alerts for Ploutus largely dropped off after 2022, but DoJ records confirm the malware remained in active use until at least last year. The DoJ announced recently that two Venezuelan nationals convicted over their role in the ATM hacking scheme will be deported. Ultimately, all individuals charged in the investigation face deportation."
Federal prosecutors charged 31 additional individuals, bringing the total number targeted in the ATM jackpotting investigation to 87. The suspects are mostly Venezuelan nationals, including members of the Tren de Aragua crime syndicate, with some Colombian nationals also indicted. Defendants face conspiracy to commit bank fraud and burglary, along with substantive counts of computer fraud and intentional damage to protected systems. The criminal network used Ploutus malware to bypass ATM security and send unauthorized commands to cash-dispensing modules, forcing machines to eject currency. Operators achieved deployment through physical tampering, swapping hard drives or using external USB devices. The malware deleted its own traces and remained active through at least last year. Two convicted Venezuelan nationals will be deported and all charged individuals face deportation.
Read at SecurityWeek