On June 30, approximately $140 million was stolen from the reserve accounts of six Brazilian financial institutions as a result of a cyberattack targeting C&M Software.
Methods of Cyber Attack
Reports indicate hackers paid an employee of C&M Software around R$15,000 (~$2,760) for corporate login credentials. With this information, they used social engineering techniques to gain unauthorized access to the central bank's infrastructure and siphoned funds from the reserve accounts of institutions like Banco BMF on the same day.
Investigation and Arrests
According to blockchain investigator ZachXBT, he has been actively collaborating with Brazilian law enforcement to trace the stolen funds and prevent further laundering on-chain. At least one suspect, the C&M employee who sold his credentials, has been arrested, and approximately R$270 million, or about $55 million in compromised funds, has been frozen.
Response and Implications
Security analysts warn that the eye-catching figure of $140 million distracts from the larger threat of social engineering, consistently one of the top vulnerabilities in the financial sector. In response to the incident, the Central Bank of Brazil has reinforced monitoring systems, although neither C&M nor the Central Bank has released detailed reports on the attack's impact.
The cyber heist on the Central Bank of Brazil highlights the increasing threat posed by social engineering methods in cybercrime. Authorities are focused on recovering stolen assets and preventing further crypto activities.
