Security Experts:

Programmer Heads to Prison After Planting Cash-Spitting Malware on ATMs

A former Bank of America (BOA) computer programmer was sentenced to 27 months in federal prison, after he installed malware on Bank of America ATMs that allowed him to suck out large amounts of cash from the machines. He pleaded guilty on April 13, 2011 and was sentenced this week.

Bank of America Programmer Gets Prison time After Installing Malware on ATMSAccording to the Department of Justice, Rodney Reed Caverly, 54, was hired by Bank of America and assigned to work on a project involving the bank’s ATM systems. From March 2009 to October 2009, Caverly knowingly and with intent to defraud, exceeded his authorized access by gaining access to one or more protected BOA computers and installed malware on select Bank of America ATMs. The malware that he installed on certain ATMs enabled him to suck cash from the machines without any transaction record of the disbursements. Fortunately, his actions didn't affect any customer accounts, as the code caused only the unauthorized disbursement of cash stored in the ATM machines, not tied to any accounts.

Caverly was ordered by a judge to pay restitution in the amount of $419,310.90. The restitution amount includes $284,750 Caverly stole from ATMs and $134,750.90 in costs incurred by BOA to remove from the bank’s malware-infected ATMs. U.S. Secret Service agents also recovered $167,010 of stolen cash.

Related: Don't Panic Over the Latest Mac Malware Story

The investigation was handled by the U.S. Secret Service, Charlotte Field Office, and was prosecuted by Assistant U.S. Attorney Thomas O’Malley of the U.S. Attorney’s Office in Charlotte.

Related Reading:

• Man Pleads Guilty to Hacking Neighbor's Wireless, Sending Threats against Vice President

• Former Goldman Sachs Programmer Found Guilty After Stealing Computer Code

 Chinese National Pleads Guilty to Stealing Ford Trade Secrets

• Akamai Employee Arrested, Accused of Trying to Sell Information to Foreign Government

view counter
For more than 10 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.