US sentences to prison its first ATM jackpotter

Argenys Rodriguez got 12 months and a day in prison for making ATMs spit out cash.
Written by Catalin Cimpanu, Contributor

A 22-year-old man was sentenced to one year and a day in prison for his role in an ATM jackpotting scheme, becoming the first person to receive a prison sentence for a crime of this nature in the US.

ATM jackpotting is by no means a new thing. The term is used by law enforcement and the IT security industry to describe scenarios where a crook uses various techniques, usually malware, to make ATMs "spit out cash."

ATM jackpotting attacks first appeared in Russia a few years back, then spread to Europe and Asia, and made their way to Latin America and Mexico last year.

At the start of the year, ATM vendor Diebold Nixdorf sent out a security alert warning US banks that ATM jackpotting had started appearing in the US as well.

Days after this alert made headlines in the US press, news broke that US law enforcement had also arrested two groups of ATM jackpotters.

The first arrests took place in Wyoming last October, where law enforcement apprehended a group of four individuals.

Court documents say authorities caught the group after officers smelled marijuana smoke coming out of a parked van during a routine patrol. During a search of the vehicle, police found several backpacks full of cash, and they later connected the group to several reports of local ATMs that had been mysteriously emptied.

But while this group is still tied up in the legal system, a first sentence was delivered to a man captured in late January 2018, as part of a second group.

This second group was a two-man team made up of Spanish national Alex Alberto Fajin-Diaz, 31, and Argenys Rodriguez, 21, of Springfield, Massachusetts.

According to court documents, the two deployed the Ploutus malware on ATMs located across Connecticut (cities of Cromwell, Hamden, and Guilford) and Rhode Island (city of Providence).

The two were arrested after an ATM jackpotting at Citizens Bank's Cromwell branch. Bank employees reported the ATM hack, and police officers picked up the two in the middle of another ATM jackpotting attack, while the ATM was still dispensing $20 bills.

Officers found over $5,600 in cash in the suspects' car, along with equipment needed to carry out ATM jackpotting attacks.

Both pleaded guilty in June. Rodriguez was sentenced on Wednesday, September 26, while Fajin-Diaz is still waiting for his sentencing hearing. Rodriguez's imprisonment will be followed by two years of supervised release, and the judge also ruled he'll have to pay restitution in the amount of $121,355.38.

But while ATM jackpotting attacks are now commonplace in the US and sentences are expected to flow for subsequent arrests, another type of ATM attack has also crept in.

The US Secret Service has recently issued a warning to financial institutions about ATM wiretapping attacks, also known as ATM eavesdropping.

This type of attack was described at the Kaspersky SAS security conference in 2017 (covered after the 12:00-minute mark of the talk's video) and consists of crooks drilling holes in ATMs at the position of known cables and connectors to place a skimmer inside. The hole is then hidden with a faceplate or a large sticker, and the crooks retrieve the skimmer after a few days of collecting card data.
