"The gang allegedly deployed a variant of Ploutus malware on ATMs across the US. Court documents assert that TdA members would travel in groups and compromise ATMs managed by certain banks and credit unions. The alleged gang members would inspect each ATM for external security features before opening the machine's door, checking for alarms being triggered or law enforcement rushing to the scene."
"Once they confirmed a machine could be safely tampered with, the suspects would either remove the ATM's hard drive and install the Ploutus variant before reinstalling it, or in some cases simply replace the hard drive with one that already had Ploutus installed. Other instances saw the malware deployed using external thumb drives. Thought to be first observed in Mexico back in 2013, Ploutus malware targets the cash-dispensing module of ATMs, allowing attackers to issue commands that force the machine to spurt out bills."
Two Nebraska indictments charge 54 alleged Tren de Aragua members with ATM jackpotting across the United States using a variant of Ploutus malware. TdA members allegedly traveled in groups, inspected external ATM security, and opened machines to remove or replace hard drives or use external thumb drives to install malware. Ploutus targets the cash-dispensing module, enabling commands that force ATMs to dispense cash. Since 2020, ATM jackpotting involving device tampering and malware has accounted for over $40 million in theft. U.S. authorities characterize Tren de Aragua as a ruthless terrorist organization funding cross-border violence.
Read at Theregister
Unable to calculate read time
Collection
[
|
...
]