Feds charge 14 with making ATM cashouts appear like one

Share this article:

Fourteen people have been charged with stealing more than $1 million from Citibank ATMs in several Southern California and Nevada casinos.

Thirteen of the defendants were arrested last Wednesday and Thursday, according to a Friday news release from the FBI. Law enforcement noted how fast the crooks made off with stolen cash, calling the incident a million-dollar “gone in 60 seconds bank fraud,” since several withdrawals, most for just under $10,000, occurred in a minute's time.

The alleged fraudsters were able to exploit a "loophole," or business logic flaw, in Citibank's account security protocols – in essence, tricking the system to believe that multiple transactions were actually just one.

The withdrawals were done in short time frame at different ATMs, taking advantage of a Citibank processing system which treated "identical, near-simultaneous withdrawals as duplicates of a single withdrawal from an individual Citi checking account," according to court documents filed last Tuesday. The schemes date back to May 2009, and continued through January 2010.

Twenty-nine-year-old ring leader, Ara Keshishyan, of Fillmore, Calif., allegedly recruited the other defendants to open Citibank accounts and deposit money in them – only to later withdraw large sums of money from Citibank cash advance kiosks at 11 casinos. 

The heists in Southern California took place at the Spa Resort Casino in Palm Springs; San Manuel Indian Bingo & Casino in Highland; Pechanga Resort & Casino in Temecula; Chukchansi Gold Resort and Casino in Coarsegold; Morongo Casino Resort & Spa in Cabazon; Agua Caliente Casino Resort Spa in Rancho Mirage; and The Bicycle Club casino in Bell Gardens. The Wynn Las Vegas and Tropicana Casino of Las Vegas were also hit, as well as Harrah's Casino in Laughlin, Nev. and Whiskey Pete's Hotel and Casino in Primm, Nev.

“The indictment alleges that, after the cash was collected from the casino cages,  Keshishyan would typically give conspirators their ‘cut' – and keep the remainder of the stolen funds – which were often used to gamble,” said the FBI release. “The casinos frequently comped the conspirators with free rooms due to their extensive gambling activity. As part of the alleged scheme, the defendants were also careful to keep both their deposits and withdrawals under $10,000 in order to avoid federal transaction reporting requirements and conceal their fraud.”

The other 13 defendants, who all reside in California, include Ara Harutyunyan, 30; Artur Harutyunyan, 24; Vahe Asatrian, 29; Sarkis Mooshidian, 37; Levon Karamyan, 58; Migran Yamalyan, 30; Seryozha Harutyunyan, 59; Lianna Avetisyan, 24; Ashot Oganisyan, 30; Ovsep Sarfyan, 33; Daniel Thomas, 56; Hilda Hakverdyan, 53; and Asatur Asatryan, 33.  

If convicted, ringleader Keshishyan, who is charged with 14 counts of bank fraud, could face up to 30 years in prison and a $1 million fine. The other defendants could each face up to five years in prison and a $250,000 fine.

A Citibank spokesperson could not be reached on Tuesday by SCMagazine.com, but one told The Press-Enterprise, a publication serving inland Southern California, that the financial company had closed the flaw that permitted the multiple transactions.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS

More in News

Email promises free pizza, ensnares victims in Asprox botnet instead

Email promises free pizza, ensnares victims in Asprox ...

Cloudmark came upon an email that offers free pizza, but clicking on the link to get the coupon ends with victims being ensnared in a botnet.

Report: most orgs lacking in response team, policies to address cyber incidents

In its Q3 threat intelligence report, Solutionary learned that 75 percent of organizations it assisted had no response team or policies and procedures to address cyber incidents.

Flash redirect campaign impacts Carnegie Mellon page, leads to Angler EK

Flash redirect campaign impacts Carnegie Mellon page, leads ...

Malwarebytes found that, since early July, thousands of sites had been targeted in the campaign.