Man Sentenced in ATM Skimming Conspiracy

ATM skimming

A Romanian national has been sentenced to 5 years in prison after racking up almost $400,000 in an ATM skimming scheme.

A New York state man has been sentenced to five years for an elaborate ATM skimming conspiracy that allowed him to steal at least $390,141 from victims.

Bogdan Rusu, 39, of Queens, NY pleaded guilty to participating in the scheme, which used secret card-reading devices and pinhole cameras on various New Jersey, Massachusetts and New York bank locations.

“Rusu and others captured payment card account information from customers as they accessed their accounts through automatic teller machines (ATMs) and then used that information to steal money from the customers’ bank accounts,” according to a Tuesday Department of Justice press release.

After obtaining the customer account information, including account numbers and personal identification numbers, Rusu “and others” would then transfer the illegally obtained information to counterfeit payment cards. They then used those counterfeit cards to steal money from the accounts, according to DoJ.

Rusu, a Romanian national, was part of a larger ATM skimming scheme that ultimately drained more than $868,000 from accounts. Eleven other defendants charged in this scheme have also pleaded guilty.

ATM theft as an activity is nothing new – with attack vectors varying. In 2016, researchers discovered the Cobalt Group, a.k.a. Carbanak, which used phishing emails to infect the targeted banks’ networks, then pivoting to individual ATMs and planting malicious code on them. In this way, the group was able to siphon over $1 billion for the financial industry.

In 2017, the FBI caught three men visiting ATMs in Wyoming, Colorado and Utah, stealing tens of thousands of dollars, with $24,000 from one machine alone. Surveillance camera footage from one attack showed the men opening the top of an ATM in order to physically deploy Ploutus.D malware. And in February 2019, two men were arrested and charged in Connecticut with using malware for jackpotting. The Department of Justice said a search of their vehicle revealed “tools and electronic devices consistent with items needed to compromise an ATM machine to dispense its cash content.”

Concerned about mobile security? Check out our free Threatpost webinar, Top 8 Best Practices for Mobile App Security, on Jan. 22 at 2 p.m. ET. Poorly secured apps can lead to malware, data breaches and legal/regulatory trouble. Join our experts to discuss the secrets of building a secure mobile strategy, one app at a time. Click here to register.

Suggested articles


  • Anonymous on

    Let me start by thanking you. Things has not started getting really bad sons of devil has opened a way for themselves, stealing. This very thing would have happened if i did not tell me husband, not to give permission to eprice marketing company to have access to our ebay account no matter how smaill the money is they will line to the rest account if there is any left They requested we should give them order to make use of our account, they needed the ebau number when i wanted to buy my singer quantum 9960 series. There are alot of thieves on the website asking for support, some say they were online lawyers. They would have duped me during my time of distress concerning not having access to any of my email accounts to able me contacr my relatives. This people are everywhere they go into people's phone. When we see people dress on suite, we think they are responsible, only few are responsible when it comes for money. 5 years jail is too small for such an evil act taking such a huge amount from saving of a particular person. If they did not get the money back from the theif how is the owner goiung to survive. This is why i am saying that everyone is afraid to make any tranaction through webside. No body can buy anything now because of these thieves. thanks for reaching me

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.