Cops find ATM spewing cash, car with dodgy plates, stack of $20 bills and hacking kit inside

Two cuffed on suspicion of US ATM jackpotting plague

By Richard Chirgwin

US authorities have arrested a pair suspected of being involved in a recent wave of Automatic Teller Machine "jackpotting" heists.

The crimes came to light in late January 2017 when ATM-makers Diebold and Nixdorf warned banks to be on the lookout for jackpotters in the US. The US Secret Service weighed in with its own news that raiders had already made off with more than US$1 million.

Jackpotting attacks usually involve pushing malware into the target ATM. The Diebold and Nixdorf alert identified Ploutus-D, malware that causes an ATM to cough up all its cash and which was used in similar attacks in Latin America.

On Monday, the United States Department of Justice announced it had arrested 21-year-old Springfield, Massachusetts resident Argenys Rodriguez and a 31-year-old Spanish citizen, Alex Alberto Fajin-Diaz, for their part in a jackpotting operation.

The pair were spotted near a Citizens Bank ATM in Cromwell, Connecticut, which had been compromised and was in the process of disgorging its load of $20 bills.

When police searched the suspects' vehicle – which had “floater” plates from another car – they found “tools and electronic devices consistent with items needed to compromise an ATM”, as well as more than $9,000 in twenties.

The arrests happened on January 27. The pair were brought before a judge on Monday, February 5th. They currently remain in detention.

Authorities are still investigating jackpotting attacks in Connecticut towns (Hamden and Guilford) and in Providence, Rhode Island. ®
