Tren de Aragua Members Indicted in US Multi-Million Dollar ATM Jackpotting Scheme
Published
Key Takeaways
- Significant indictment: Over 50 individuals, some associated with Tren de Aragua, face charges linked to an alleged ATM jackpotting operation in the U.S.
- Financial impact: The scheme allegedly resulted in the theft of millions of dollars from financial institutions by manipulating automated teller machines (ATMs).
- Malware deployment: The group utilized specialized malware and physical access devices to force ATMs to dispense cash without authorization.
Federal authorities in the U.S. have announced two indictments charging a total of 54 individuals, some associated with Tren de Aragua, in connection with a widespread ATM jackpotting conspiracy. The defendants are charged with conspiracy to commit bank fraud, access device fraud, and computer intrusion.
The indictments reflect ongoing U.S. law enforcement actions targeting Tren de Aragua (TdA), a violent transnational criminal organization that has traditionally been associated with violent crimes but is now expanding its portfolio into sophisticated financial cybercrime.
Tren de Aragua Indictments
An official press release says 22 defendants were charged in December with conspiracy to provide material support to terrorists, conspiracy to commit money laundering, conspiracy to commit bank fraud and burglary and related activity in connection with computers.
The Department of Justice (DoJ) said one of the indicted persons, Jimena Romina Araya Navarro, an alleged TdA leader and Venezuelan entertainer sanctioned by the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC), reportedly helped the notorious head of TdA Hector Rusthenford Guerrero Flores (a.k.a. “Niño Guerrero”) escape from prison in 2012.
An earlier indictment charged 32 individuals with conspiracy to commit bank fraud, bank burglary, computer fraud, and computer damage.
Since January 20, 2025, the DoJ has federally indicted over 260 members of TdA. If convicted, the defendants face a maximum term of imprisonment of 20 to 335 years.
Mechanics of the ATM Hacking Scheme
The ATM hacking scheme spanning multiple states employed by the TdA group was highly coordinated and technically complex. According to court documents, members of the organization gained physical access to ATMs to install malware or specialized hardware devices.
This malicious software disrupted the machine's normal operations, allowing the perpetrators to issue commands that forced the ATMs to dispense large volumes of cash in the U.S. – a technique referred to as "jackpotting." This method bypasses the need for stolen customer debit cards, instead directly attacking the financial institution's infrastructure.
“As alleged, these defendants employed methodical surveillance and burglary techniques to install malware into ATM machines, and then steal and launder money from the machines, in part to fund terrorism and the other far-reaching criminal activities of TdA, a designated Foreign Terrorist Organization,” said Acting Assistant Attorney General Matthew R. Galeotti of the Justice Department’s Criminal Division.
Multi-Million Dollar Cybercrime Impact
This multi-million-dollar cybercrime operation has resulted in substantial losses for banks and ATM operators across the country. The indictment alleges that the proceeds from these thefts were laundered and funneled back to the organization's leadership to fund further criminal activities.
The evolving threat landscape sees traditional street gangs adopting advanced cyber capabilities to maximize illicit profits.
In other recent news, authorities in France arrested an Interior Ministry cyberattack suspect. In December 2024, a Byte Federal data breach exposed images of 58,000 Bitcoin ATM users.
Related
Get expert insights on threats, breaches, scams, and security trends — delivered every Saturday.
Most Popular
Get expert insights on threats, breaches, scams, and security trends — delivered every Saturday.
Most Popular