The US Justice Department has announced charges against an additional 31 individuals accused of being involved in a massive ATM jackpotting scheme that resulted in the theft of millions of dollars.
The latest round of charges brings the total number of individuals targeted in this ATM hacking probe to 87.
The suspects are mostly Venezuelan nationals, including members of the Tren de Aragua crime syndicate, but Colombian nationals have also been targeted in the new indictment.
The defendants face an array of charges, including conspiracy to commit bank fraud and burglary, as well as substantive counts of computer fraud and intentional damage to protected systems.
According to the DoJ, the criminal network used the Ploutus malware to bypass security systems and issue unauthorized commands to an ATM’s cash dispensing module, forcing the machine to eject currency.
Deployment of the malware involved physical tampering, where operators gained internal access to either swap the machine’s hard drive with a pre-loaded version or infect it via an external USB device.
Once the ‘jackpotting’ was complete, the malware autonomously deleted traces of its own code to deceive forensic investigators and bank employees.
The Ploutus malware has been around for more than a decade, and while it hasn’t been in the news much since its peak in 2017 and 2018, it hasn’t disappeared.
Public alerts for Ploutus largely dropped off after 2022, but DoJ records confirm the malware remained in active use until at least last year.
The DoJ announced recently that two Venezuelan nationals convicted over their role in the ATM hacking scheme will be deported. Ultimately, all individuals charged in the investigation face deportation.
Related: 574 Arrested, $3 Million Seized in Crackdown on African Cybercrime Rings
Related: Former Accenture Employee Charged Over Cybersecurity Fraud
