Two men have been arrested and charged in Connecticut with using malware to target local ATMs for free cash.
Spaniard Alex Alberto Fajin-Diaz, 31, and Argenys Rodriguez, 21, of Springfield Massachusetts, were arrested on January 27 and charged with bank fraud stemming from a so-called ATM “jackpotting” campaign.
Police had been investigating a series of these attacks on ATMs in Guildford and Hampden, Connecticut, and Providence, Rhode Island.
The two were arrested after Citizens Bank officials in Cromford, Connecticut alerted the authorities to a possible attack on one of their ATMs.
Police are said to have apprehended the duo nearby, with the cash-point in question in the process of dispensing $20 notes thanks to jackpotting malware that had been installed on it.
A search of their vehicle, which was fitted with false number plates, revealed “tools and electronic devices consistent with items needed to compromise an ATM machine to dispense its cash content,” according to a Department of Justice notice.
Fajin-Diaz and Rodriguez were also said to be carrying more than $9000 in $20 notes.
They’re now facing up to 30 years behind bars.
It’s unclear whether the duo are also suspected of the jackpotting raids elsewhere in Connecticut and Rhode Island.
Such attacks are nothing new, but can vary in sophistication.
An analysis in 2016 uncovered a group suspected of carrying out raids in 14 countries across Europe. The Cobalt Group used phishing emails to infect the targeted banks’ networks, before pivoting to the individual ATMs to plant the malicious code and then send a remote command to issue the cash.
Kaspersky Lab has previously advised ATM operators to build-in default-deny policies and device control, alongside other technical measures to protect ATMs against physical access.