Saturday, December 20, 2025
Latest:

Threatshub.org sponsored-Post

The Register

ATM jackpotting gang accused of unleashing Ploutus malware across US

TH Author

A Venezuelan gang described by US officials as “a ruthless terrorist organization” faces charges over alleged deployment of malware on ATMs across the country, illegally siphoning millions of dollars.

Two indictments were returned in Nebraska, collectively charging 54 alleged members of the Tren de Aragua (TdA) gang in connection with a spate of ATM jackpotting attacks.

The gang allegedly deployed a variant of Ploutus malware on ATMs across the US. Court documents assert that TdA members would travel in groups and compromise ATMs managed by certain banks and credit unions.

The alleged gang members would inspect each ATM for external security features before opening the machine’s door, checking for alarms being triggered or law enforcement rushing to the scene.

Once they confirmed a machine could be safely tampered with, the suspects would either remove the ATM’s hard drive and install the Ploutus variant before reinstalling it, or in some cases simply replace the hard drive with one that already had Ploutus installed. Other instances saw the malware deployed using external thumb drives.

Thought to be first observed in Mexico back in 2013, Ploutus malware targets the cash-dispensing module of ATMs, allowing attackers to issue commands that force the machine to spurt out bills.

According to data shared by the Justice Department, ATM jackpotting attacks have seen more than $40 million stolen via physical device tampering and malware deployment since 2020. It did not share specific figures about how much of that could be attributed to TdA.

“Tren de Aragua is not just a criminal gang; they are a ruthless terrorist organization that preys on communities, spreads fear, and bankrolls violence across borders,” said Mark Zito, special agent in charge at HSI Kansas City.

“HSI and our law enforcement partners will track you down, break up your networks, and ensure you never find safe harbor in the United States. Our mission is to protect American families from predators who think they can operate with impunity. We will not tolerate foreign terrorists stealing from our citizens and threatening our homeland. Our communities are safer today because of the relentless work of this team, and we are just getting started.”

Across the various indictments against alleged TdA members in Nebraska over the past year are additional charges related to assault, money laundering, and sex trafficking of minors.

The announcement comes as the US announces a broader crackdown on the Venezuelan gang, with a slew of indictments across various states charging hundreds of alleged members since January.

The DOJ in Washington also unsealed indictments on Thursday related to other violent crimes committed by more than 70 alleged members, including murder, kidnapping, and drug trafficking.

Two of the group’s suspected leaders were indicted in Colorado on various charges, including RICO offenses, while the alleged mastermind and co-leader of TdA, Hector Rusthenford Guerrero Flores, was charged in New York.

Flores remains at large, although there is a $5 million bounty on his head. The co-leader of TdA escaped from Venezuela’s Tocorón prison in 2012, allegedly with the help of Jimena Romina Araya Navarro – another TdA leader – before being sent back in 2013.

Tocorón was notoriously lawless for years, but during the early 2000s, TdA began to assemble, and by the following decade, it assumed total control of the prison, infamously building amenities such as the Tokio nightclub, a zoo, a swimming pool, and more.

In 2023, Venezuelan authorities regained control of the facility in an operation that saw 11,000 officers storm the grounds, but Flores and his associates reportedly escaped days before.

In other states, New Mexico charged 11 alleged members over violent and armed crimes, and in Texas, more suspected high-ranking members and those in leadership roles were charged with cocaine trafficking, murder, and extortion.

The renewed focus on tackling TdA began in February when Attorney General Pamela Bondi expanded the remit of Joint Task Force Vulcan. Created in 2019, it was originally tasked with bringing down MS-13 gang members, but is now also responsible for handling TdA.

“Immediately upon taking office, I directed the Department of Justice to fiercely pursue the total elimination of cartels and transnational criminal organizations,” said Bondi.

“This latest multi-state series of charges underscores the Trump Administration’s unwavering commitment to restoring public safety, dismantling violent trafficking networks, and ridding our country of Tren de Aragua terrorists.” ®

READ MORE HERE