Listen to this Post
In a dramatic twist in the ongoing battle against global cybercrime, two Venezuelan nationals have been convicted in the United States for using sophisticated malware to hack ATMs in what authorities describe as an “ATM jackpotting” scheme. The U.S. Department of Justice has cracked down on a network that exploited financial infrastructure and siphoned money from banks across multiple states, tying the crimes to the notorious Venezuelan criminal organization Tren de Aragua. This operation has exposed deep vulnerabilities in banking security and revealed how traditional organized crime groups are now leveraging high-tech malware to fuel criminal enterprises.
the Original
Two Venezuelan citizens were convicted for their roles in an ATM jackpotting operation that used Ploutus malware to coerce automated teller machines into dispensing all their cash. The scheme involved physically accessing ATMs, connecting laptops to them, and installing the malware to override security controls and empty the machines. One defendant, Luz Granados, was sentenced to time served and ordered to pay $126,340 in restitution, while the other, Johan Gonzalez-Jimenez, received 18 months in prison and a restitution order of $285,100. Both face deportation to Venezuela after serving their sentences.
SecurityWeek
+1
This case is part of a broader enforcement action. Federal authorities recently charged 54 individuals connected to a multi-state ATM jackpotting conspiracy linked to Tren de Aragua, a Venezuelan transnational criminal organization. These charges stem from extensive investigations into the group’s use of Ploutus, malware designed to force ATMs to spit out cash without customer cards. Prosecutors allege the stolen funds were laundered and may have been used to support wider criminal activities.
Infosecurity Magazine
+1
What Undercode Says:
Deepening Threat Landscape:
The convictions of Granados and Gonzalez-Jimenez highlight a disturbing evolution in how criminal syndicates like Tren de Aragua conduct illicit activities. No longer confined to street-level crime, these groups are integrating cyber techniques with physical attacks to exploit weaknesses in banking infrastructure. The use of Ploutus—a malware family that has aged but remains effective—demonstrates that older threats can resurface with fresh operational impact when paired with the right tactics and manpower.
Transnational Crime Meets Cybersecurity:
Tren de Aragua’s involvement reveals how traditional criminal organizations are adopting sophisticated cyber tools to diversify revenue streams. The DOJ’s broader indictments charging more than 50 individuals in related ATM hacks show this is not an isolated incident but part of a coordinated campaign. This convergence of physical access and malware deployment underscores the cross-border nature of modern financial crime and demonstrates the challenges law enforcement faces when criminal networks span multiple jurisdictions.
Systemic Vulnerabilities in ATM Networks:
Despite advancements in cybersecurity, many ATM systems still run legacy software and lack robust protections against malware threats. Attackers exploited these gaps by physically accessing machines to install Ploutus, which could force unauthorized cash withdrawals and even erase evidence of tampering. This raises urgent questions about how financial institutions are securing hardware at the edge of their networks and whether current defenses keep pace with evolving threat vectors.
Impact on Public Trust and Financial Security:
ATM jackpotting attacks erode public confidence in everyday banking services. Customers expect ATMs to be reliable and secure, but when criminals can trick machines into dispensing cash, the foundational trust in automated banking is shaken. The financial repercussions extend beyond direct losses—the threat of malware-based attacks can lead to increased insurance costs, heightened regulatory scrutiny, and accelerated investments in security technologies.
Law Enforcement and Policy Implications:
The DOJ’s prosecution and subsequent deportation orders send a clear signal: cyber-enabled financial crime has serious consequences. However, the international dimension of these crimes means that coordination with foreign agencies is crucial for effective deterrence and prosecution. Tren de Aragua’s designation as a transnational threat underscores the need for collaborative approaches that combine diplomacy, cybersecurity cooperation, and cross-border law enforcement strategies.
Fact Checker Results:
• ✅ Luz Granados and Johan Gonzalez-Jimenez were convicted for ATM jackpotting using Ploutus malware and will face deportation after sentences.
SecurityWeek
• ✅ The DOJ has charged 54 individuals in connection with a large ATM jackpotting conspiracy tied to Venezuelan gang Tren de Aragua.
Infosecurity Magazine
• ✅ Ploutus malware enables unauthorized cash dispensing and can conceal evidence, signifying a persistent cyber threat.
Rural Radio
📊 Prediction:
Given the ongoing evolution of cyber threats and the demonstrated resourcefulness of transnational criminal groups, ATM jackpotting attacks are likely to continue unless financial institutions dramatically strengthen physical and digital defenses. We can expect banks to accelerate ATM software modernization, deploy advanced endpoint monitoring tools, and enhance real-time anomaly detection systems that can identify and thwart malware deployment. In parallel, law enforcement will probably pursue expanded international cooperation and information sharing to dismantle networks that exploit borders and jurisdictions, making cybercrime a less tenable profit center for organized groups like Tren de Aragua.
🕵️📝✔️Let’s dive deep and fact‑check.
References:
Reported By: x.com
Extra Source Hub (Possible Sources for article):
https://www.medium.com
Wikipedia
OpenAi & Undercode AI
Image Source:
Unsplash
Undercode AI DI v2
Bing
🔐JOIN OUR CYBER WORLD [ CVE News • HackMonitor • UndercodeNews ]
📢 Follow UndercodeNews & Stay Tuned:
𝕏 formerly Twitter 🐦 | @ Threads | 🔗 Linkedin | 🦋BlueSky | 🐘Mastodon
