Suspect from Bulgaria apprehended for ATM hacking in Nonthaburi
A Bulgarian man identified as Ivan Valchev, 50, has been arrested in Thailand in connection with an ATM heist by a foreign gang. The suspect was apprehended on Tuesday at a rented house in Tambon Bang Phlap, Pak Kret district, by a team from the Cyber Crime Police Division 1.
During the raid, the team impounded stolen data cables and other related equipment allegedly used in the money thefts. Police did not disclose the exact amounts stolen, but the operation stems from a complaint made by a financial institution in March.
Investigators believe that the gang, dressed as ATM mechanics, used a master key-like tool to open the machines and replace the data cables with ones carrying a malware known as Jackpot. This malware is known to cause ATMs to dispense more money than the amount entered on the keypad.
Footage from security cameras showed that two to three individuals were using a rented Honda City car to visit various bank sites. At least 13 ATMs in the area were affected, and the police have been monitoring their activities leading to Mr. Valchev's arrest.
Upon his arrest, Mr. Valchev denied the charges, stating that the equipment was his, but his role was limited to opening the machines.
Jackpot malware, often used in jackpotting attacks, allows criminals to manipulate ATMs to illicitly disburse large sums of money without using legitimate bank cards or PINs. Such cybercrime gangs typically employ a combination of sophisticated malware and physical tampering or insider knowledge to execute large-scale ATM thefts. This incident suggests a transnational crime organization involved in coordinated attacks, targeting multiple ATMs for maximum theft in a short period.
However, specific details about the Bulgarian gang responsible for the ATM thefts in Nonthaburi remain elusive at this time. Further investigations are ongoing.
- The Cyber Crime Police Division 1, after apprehending Ivan Valchev in Thailand, discovered that the Jackpot malware used in the ATM heist is a common tool in general-news topics of cybersecurity and crime-and-justice.
- The investigation uncovered that the gang, who used Jackpot malware in a series of ATM thefts, employed a combination of advanced technology and physical tampering, demonstrating the complexity of modern cybersecurity issues.
