US charges 31 more suspects linked to ATM malware attacks
Recorded: Jan. 27, 2026, 6 p.m.
| Original | Summarized |
US charges 31 more suspects linked to ATM malware attacks News Featured New ClickFix attacks abuse Windows App-V scripts to push malware Microsoft patches actively exploited Office zero-day vulnerability Nearly 800,000 Telnet servers exposed to remote attacks Cloudflare misconfiguration behind recent BGP route leak OpenAI's ChatGPT ad costs are on par with live NFL broadcasts Fortinet blocks exploited FortiCloud SSO zero day until patch is ready Chinese Mustang Panda hackers deploy infostealers via CoolClient backdoor WinRAR path traversal flaw still exploited by numerous hackers Tutorials Latest How to access the Dark Web using the Tor Browser How to enable Kernel-mode Hardware-enforced Stack Protection in Windows 11 How to use the Windows Registry Editor How to backup and restore the Windows Registry How to start Windows in Safe Mode How to remove a Trojan, Virus, Worm, or other Malware How to show hidden files in Windows 7 How to see hidden files in Windows Webinars Latest Qualys BrowserCheck STOPDecrypter AuroraDecrypter FilesLockerDecrypter AdwCleaner ComboFix RKill Junkware Removal Tool Deals Categories eLearning IT Certification Courses Gear + Gadgets Security VPNs Popular Best VPNs How to change IP address Access the dark web safely Best VPN for YouTube Forums Virus Removal Guides HomeNewsSecurityUS charges 31 more suspects linked to ATM malware attacks US charges 31 more suspects linked to ATM malware attacks By Sergiu Gatlan January 27, 2026 A Nebraska federal grand jury charged 31 additional defendants for their involvement in an ATM jackpotting operation allegedly orchestrated by members of the Venezuelan gang Tren de Aragua. Many of the indicted suspects are Venezuelan and Colombian nationals affiliated with the Tren de Aragua (TdA) gang, designated by the U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) in December as a Foreign Terrorist Organization. The 2026 CISO Budget Benchmark Related Articles: ATM Sergiu Gatlan Previous Article Post a Comment Community Rules You need to login in order to post a comment Not a member yet? Register Now You may also like: Popular Stories Microsoft patches actively exploited Office zero-day vulnerability Microsoft investigates Windows 11 boot failures after January updates Microsoft releases emergency OOB update to fix Outlook freezes Sponsor Posts Is your data already on a leak site? Monitor your exposure threats for free. Overdue a password health-check? Audit your Active Directory for free Discover how phishing kits are sold and deployed. Download the full research report. Exposure Management Index: Insights From 3,000+ Teams. Get The Report. Get a free shadow AI inventory today Upcoming Webinar Follow us: Main Sections News Community Forums Useful Resources Welcome Guide Company About BleepingComputer Terms of Use - Privacy Policy - Ethics Statement - Affiliate Disclosure Copyright @ 2003 - 2026 Bleeping Computer® LLC - All Rights Reserved Login Username Password Remember Me Sign in anonymously Sign in with Twitter Not a member yet? Register Now Help us understand the problem. What is going on with this comment? Spam Abusive or Harmful Inappropriate content Strong language Other Read our posting guidelinese to learn what content is prohibited. Submitting... |
The United States Department of Justice has charged 31 additional suspects involved in a sophisticated ATM jackpotting operation orchestrated by members of the Venezuelan gang, Tren de Aragua (TdA). This latest indictment, stemming from a Nebraska federal grand jury, follows prior indictments in December 2025 and October 2025, bringing the total number of individuals charged to 87. The operation utilized Ploutus malware to steal millions of dollars from U.S. bank ATMs nationwide. The core of the scheme involved a network of Venezuelan and Colombian nationals, designated by the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) as a Foreign Terrorist Organization in December 2025. The defendants, led by the Tren de Aragua gang, employed a technique of gaining unauthorized access to ATM machines, altering their internal components, and deploying Ploutus malware to facilitate the emptying of cash dispensers. This process encompassed actions such as physically accessing the ATMs, removing hard drives and replacing them with pre-loaded devices, or utilizing thumb drives to install the malware. The malware allowed the criminals to manipulate the machines to dispense cash beyond their intended limits, and subsequently delete evidence to conceal the thefts. The stolen funds were then distributed according to established agreements, with money laundered among the gang's members. The Justice Department has indicated that the defendants face potentially significant prison sentences, ranging from 20 to 335 years if convicted. Related actions, including the deportation of two Venezuelan nationals convicted of a similar scheme, have also taken place. Last week, South Carolina federal prosecutors announced that these two individuals would be deported after serving their sentences. The overarching strategy reflects a deeper concern about the transnational nature of criminal activity and the threat posed by organized crime groups like Tren de Aragua. The involvement of such groups, often connected to terrorism, underscores the need for robust cybersecurity measures and international cooperation to combat these evolving threats. The continued investigation and prosecution of these cases demonstrate a commitment from law enforcement agencies to disrupt criminal networks and protect financial institutions from exploitation. |