ATM jackpotting, once considered a niche cybercrime technique, has now reached a level where it is drawing the attention of the highest levels of law enforcement. The FBI has added Anibal Alexander Canelon Aguirre, an alleged leader of a global ATM jackpotting operation, to its Ten Most Wanted Fugitives list, highlighting the growing threat posed by cyber-enabled financial crime.
The announcement was made by FBI Omaha Special Agent in Charge Eugene Kowel and U.S. Attorney for the District of Nebraska Lesley Woods, who said Aguirre allegedly orchestrated a large-scale ATM jackpotting conspiracy that targeted banks across the United States. Authorities believe the operation generated millions of dollars that ultimately supported Tren de Aragua, a transnational gang designated as a foreign terrorist organization.
ATM Jackpotting at the Center of the Case
At the heart of the investigation is ATM jackpotting, a cyberattack technique in which criminals install ATM malware to force machines to dispense cash without authorization. Instead of physically robbing a bank vault, attackers exploit software vulnerabilities in the ATM system.
According to investigators, Aguirre allegedly led teams that traveled across the United States to carry out these attacks. Once the ATM jackpotting malware was installed, cash withdrawals could be triggered on command, allowing crews to quickly empty machines.
Law enforcement officials say this was not a series of isolated attacks. The operation allegedly involved a coordinated network where the stolen money moved through complex laundering channels before reaching the criminal organization behind the scheme.
Charges Linked to Cybercrime and Financial Fraud
A federal arrest warrant for Aguirre was issued on December 9, 2025, in the U.S. District Court for the District of Nebraska. Prosecutors have charged him with multiple offenses connected to the ATM jackpotting conspiracy, including:
- Conspiracy to commit bank fraud
- Conspiracy to commit bank burglary and damage a protected computer system
- Conspiracy to commit money laundering
- Conspiracy to provide material support to terrorists
The case is being investigated through Joint Task Force Vulcan, working alongside the Computer Crime and Intellectual Property Section (CCIPS) of the U.S. Department of Justice.
Officials say the charges reflect the scale and seriousness of the alleged cybercrime network.
Why ATM Jackpotting Is Now a National Security Concern
For years, ATM jackpotting attacks were largely viewed as financial crimes affecting banks and ATM operators. But this case demonstrates how cybercrime techniques can intersect with organized crime and even terrorism financing.
Special Agent Eugene Kowel said the alleged ATM jackpotting operation created a “multimillion-dollar revenue stream” that ultimately supported the activities of Tren de Aragua.
This development signals an important shift in how authorities view ATM jackpotting malware attacks. What once looked like opportunistic cyber theft is now seen as a tool that organized criminal groups can use to generate funds at scale.
The decision to place Aguirre on the FBI Ten Most Wanted list—a list historically reserved for violent offenders—shows how seriously authorities are treating the threat.
First Cyber Fugitive on the FBI’s Most Wanted List
Aguirre’s addition to the list is significant for another reason. He is the first cyber fugitive to appear on the FBI’s Ten Most Wanted Fugitives list since it was created in 1950.
The list has included 540 fugitives over the decades, and more than 500 have been captured or located, often with assistance from the public. The FBI believes public awareness could once again play a key role in locating Aguirre.
Officials say the suspect should be considered armed and dangerous. He is described as a 49-year-old man with black and gray hair, approximately 5’5” to 5’7” tall, and weighing about 190 pounds. Authorities say he has connections in Venezuela and Mexico and speaks Spanish.
Public Help Could Be Critical
The FBI is offering a reward of up to $1 million for information leading to Aguirre’s arrest. Investigators are urging anyone with information to contact the FBI tip line or submit information online.
Beyond the manhunt, the case serves as a reminder that ATM jackpotting attacks are no longer just technical exploits. When cybercrime merges with organized criminal networks, the financial damage can quickly turn into a broader security issue.
