Jackpotting Justice: How Venezuelan Hackers Turned US ATMs Into Cash Cows

It started like a scene from a cybercrime thriller: late-night streets, a targeted ATM, and two determined hackers with a plan. But this was no Hollywood script. In a case that has sent ripples through the US financial sector, Luz Granados and Johan Gonzalez-Jimenez, both Venezuelan nationals, were convicted for orchestrating a high-tech heist - turning everyday cash machines into their own personal slot machines, thanks to a decade-old malware called Ploutus.

The scheme was as daring as it was effective. Armed with laptops and technical know-how, Granados and Gonzalez-Jimenez physically accessed ATMs, removing external panels to connect directly to the machine’s internals. Their weapon of choice: Ploutus, a malware first discovered over a decade ago in Latin America, infamous for its ability to force ATMs to spit out their entire cash reserves on command - a technique dubbed “jackpotting.”

According to the US Department of Justice, the pair’s crime spree didn’t go unnoticed. After a string of suspicious ATM withdrawals, investigators traced the activity back to the duo. Their conviction follows a broader federal crackdown on transnational cybercriminals: just weeks earlier, five other Venezuelans were sentenced for similar crimes, and in December, US prosecutors charged 54 individuals - many linked to the notorious Tren de Aragua syndicate - for their roles in a multi-state jackpotting ring.

What makes this case remarkable isn’t just the international angle or the audacity of the attacks. It’s a chilling reminder that, despite its age, Ploutus remains a potent threat. While headlines about ATM malware have faded since the late 2010s, law enforcement says the tool was still active as recently as August 2025. The technical sophistication required is high, but so are the rewards - tens of thousands of dollars in a matter of minutes, all through a few keystrokes and a compromised ATM.

Both Granados and Gonzalez-Jimenez have been ordered to pay restitution - $126,340 and $285,100 respectively. Gonzalez-Jimenez will serve 18 months in prison before deportation; Granados, already in custody, awaits removal. Their convictions are a warning to would-be cybercriminals: US authorities are watching, and the days of easy ATM jackpots may be numbered.

As financial institutions continue to modernize, the battle between cybercriminals and law enforcement only intensifies. Old malware never truly dies - it adapts, waiting for the next vulnerable machine or unsuspecting technician. For now, the Ploutus-powered jackpotters are facing justice. But the lesson is clear: in the digital age, the line between the physical and cyber worlds is thinner than ever, and the next big heist could be just a code update away.

WIKICROOK

• Jackpotting: Jackpotting is a cyberattack where hackers use malware or hardware to force ATMs to dispense all their cash, bypassing security controls.
• Ploutus: Ploutus is advanced ATM malware that enables attackers to dispense cash and erase evidence, posing a major threat to financial institutions.
• Restitution: Restitution is a legal requirement for offenders to compensate victims for losses caused by crimes, often through payment or returning stolen assets.
• Tren de Aragua: Tren de Aragua is a Venezuelan crime group known for cyberattacks, extortion, and trafficking, posing a significant international cybersecurity risk.
• Malware: Il malware è un software dannoso progettato per infiltrarsi, danneggiare o rubare dati da dispositivi informatici senza il consenso dell’utente.