Two Venezuelan nationals convicted of using malware to steal cash from ATMs will be deported, the US Department of Justice announced this week.
The suspects, 34-year-old Luz Granados and 40-year-old Johan Gonzalez-Jimenez, conducted ATM jackpotting, removing the targeted ATM’s outer casing and connecting a laptop to the machine to install malware. The malware then enabled them to instruct the ATM to dispense all its cash.
Granados, sentenced to time served, must pay $126,340 in restitution, while Gonzalez-Jimenez, sentenced to 18 months in prison, was ordered to pay $285,100.
Both defendants face deportation, with Granados currently in custody awaiting removal and Gonzalez-Jimenez set to be deported following his prison sentence.
This came less than two weeks after the DoJ announced that a group of five Venezuelan nationals had pleaded guilty or been sentenced for their role in a multi-state ATM jackpotting ring. They also faced deportation.
The US announced in December charges against 54 individuals, including leaders and members of the Venezuelan crime syndicate Tren de Aragua, over their alleged roles in a massive ATM jackpotting campaign.
The December announcement named the malware used in the attacks: Ploutus.
The Ploutus malware has been around for more than a decade, and while it hasn’t been in the news much since its peak in 2017 and 2018, it likely hasn’t disappeared.
While the most recent public alerts referencing Ploutus are from 2022, information shared by the DoJ indicates it was used as recently as August 2025.
Related: New Reports Reinforce Cyberattack’s Role in Maduro Capture Blackout
Related: Two Venezuelans Arrested in US for ATM Jackpotting
Related: Dutch Port Hacker Sentenced to Prison
Related: Australian Man Sentenced to Prison for Wi-Fi Attacks at Airports and on Flights
