The U.S. Department of Justice (DOJ) has charged 54 individuals in a sweeping crackdown on a transnational cyber-physical attack network.<\/p>\n
The indictments, announced by U.S. Attorney Lesley A. Woods, allege a massive conspiracy involving \u201cATM jackpotting<\/a>\u201d to fund Tren de Aragua (TdA), a designated Foreign Terrorist Organization.<\/p>\n The coordinated operation targeted a sophisticated criminal ring that deployed the notorious\u00a0Ploutus malware\u00a0to siphon millions of dollars from ATMs across the United States.<\/p>\n According to court documents, the attackers utilized a variant of the Ploutus malware<\/a> to compromise financial institutions.<\/p>\n Unlike traditional skimming attacks that steal card data, \u201cjackpotting\u201d involves physically intruding into the machine to force it to dispense cash on command.<\/p>\n The indictment outlines a methodical process used by the conspirators:<\/p>\n The malware was also designed to delete logs to conceal the intrusion.<\/p>\n Federal prosecutors allege the stolen funds were laundered to Venezuela to support TdA leadership. Including the gang\u2019s notorious head, Hector Rusthenford Guerrero Flores (a.k.a. \u201cNi\u00f1o Guerrero\u201d).<\/p>\n Among those charged is Jimena Romina Araya Navarro, a Venezuelan entertainer and alleged TdA leader, accused of providing material support to the organization.<\/p>\n \u201cThe Criminal Division will not tolerate networks of thieves who breach<\/a> the security of our financial system,\u201d said Acting Assistant Attorney General Matthew R. Galeotti.<\/p>\n According to court documents<\/a>, the 54 defendants face severe charges ranging from bank fraud and computer damage to providing material support to terrorists. If convicted, they face prison terms ranging from 20 to 335 years.<\/p>\n Follow us on Google News<\/a>, LinkedIn<\/a>, and X<\/a> for daily cybersecurity updates. Contact us<\/a> to feature your stories.<\/strong><\/p>\n The post U.S. DOJ Charged 54 in Connection With ATM Hacking Attack by Deploying Ploutus Malware<\/a> appeared first on Cyber Security News<\/a>.<\/p>\n<\/div>\n![\"](\"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEiPISwTy1_Lud-5sN9ua6hNS4ZcOBJuPawLAA-JzxU_l9XqwzQBTQaPKa_bxAaHVLVMT3Bk8Ysks_QYMHEiyPcw6ho_RMVXZYdmOZVDId9wUeSVb57Hvu3XpNoPmW23-VcVF6Lq1Bqc9lpmATTqNvGjc7s0eN9em7WUnLpQlhfVzlhC-K1BzfTIU7t8cU4\/s1600\/Screenshot%25202025-12-22%2520111334%2520%25281%2529.webp?ssl=1\")
The Ploutus Connection<\/strong><\/h2>\n
\n
![\"depict](\"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjtFQmGo_dzeTauV_AnZfqMfUCp_N8TenxcY1T1WaXQmlOtwX9Gxsb4ZFNKhchwuhkbpAehxq9WHyM5DpQriB5PvXf0eRBWUpjIZfqmdoVPyY-f-ADKr9OVACbnzTQEfGOTM83i2EUnViBR2VIn8i78OfhmMMUHayvgUOcwWP_TA0AmSdAs0Wc44pg1WPo\/s1600\/Screenshot%25202025-12-22%2520110954%2520%25281%2529.webp?ssl=1\")