Hacks continue to pose a threat in both traditional finance and DeFi. On July 14, blockchain investigator ZachXBT reported his assistance in tracing between $30 million and $40 million stolen from Brazilian banks.
Discovery of Fund Theft
A recent cyberattack on a service provider for the Central Bank of Brazil, C&M, highlighted significant security issues within the Brazilian banking system. By converting stolen funds from fiat to cryptocurrency, the attackers managed to obfuscate part of their actions. ZachXBT reported successfully freezing approximately $5 million through collaboration with several cryptocurrency exchanges.
Mechanisms of the Hack
On June 30, hackers targeted C&M Software, a contractor for Brazil’s Central Bank and the PIX instant payment system. Local media reported that the security breach occurred when an employee sold his credentials to the attackers for $2,700. The hackers ultimately siphoned off between $140 million and $180 million in reserves. ZachXBT noted that approximately $40 million of that total was converted into crypto assets.
Response from Brazilian Authorities
In response to the incident, Brazil’s Central Bank suspended part of C&M’s operations. Authorities arrested the 48-year-old employee who sold his credentials to the attackers and are pursuing additional members of the group, believing that at least four more individuals were involved in the scheme. As of July 4, law enforcement had frozen about $50 million in stolen assets.
The hack of Brazilian banks underscores the ongoing threats in cybersecurity for both traditional and digital finance. The collaboration between law enforcement and blockchain investigators like ZachXBT is becoming a crucial step in the fight against crime.
