Key Insights:
- Brazil’s banking infrastructure recently experienced a $140 million cyberattack through crypto from an employee selling login credentials for $2,700.
- A massive portion of the stolen funds was immediately converted into crypto for laundering.
- The incident shows the rising role of crypto as a tool for money laundering, as well as how fragile centralized systems can be.
Brazil recently lived through one of the most devastating cyber thefts in its history.
Between Friday and Saturday, hackers reportedly broke into C&M Software, a service provider that connects Brazil’s Central Bank to other financial institutions.
They then made off with 800 million Brazilian reais, which is approximately $140 million in US dollars. Here’s how the hack unfolded and millions got siphoned off overnight.
A $2,700 Credential Sale Leads to $140 Million Theft
According to Brazilian media outlet São Paulo, the hack happened when an employee of C&M Software allegedly sold their corporate login credentials for around $2,700.
This small bribe gave the hackers easy access to the firm’s software systems. The “software” in question included reserve accounts managed by six financial institutions linked to Brazil’s Central Bank.
Once inside, the attackers got to work and moved funds from these accounts in a clearly premeditated crime. This incident shows the massive risk that comes with reliance on centralized systems.
Crypto And Money Laundering
After the funds were stolen, a huge portion (between $30 million and $40 million) was converted into assets like Bitcoin, Ethereum and USDT. According to insights from ZachXBT, the hackers funneled the crypto through Latin American exchanges and over-the-counter (OTC) trading platforms right after stealing it.
This shows a trend of cybercriminals favoring crypto when it comes to moving stolen or illegal funds with low traceability.
The Centralized Weakness in a Crypto Decentralized Space
The breach at C&M Software stands as the latest in the long line of incidents that expose how fragile centralized systems can be. This is especially true for the digital age where AI tools now make it easier for bad actors to identify and take advantage of vulnerabilities.
Last year alone, centralized exchanges and services saw a massive increase in hacking incidents. According to insights from Chainalysis, the worst of these hacks happened between Q3 and Q4.
Centralized systems have single points of failure like login credentials or access keys. They are becoming more and more attractive for hackers who want high returns and low risk. In essence, centralized systems are the lowest hanging fruits for hackers within the crypto space.
Employee Bribery As A New Threat Vector
This isn’t the first case where bribing insiders led to massive hacks. Coinbase suffered a similar hack recently, where customer support agents were manipulated into sharing sensitive data.
The resulting hack led to a hack that affected nearly 69,000 users. This rise of insider threats shows a much more serious issue with companies investing heavily in perimeter defenses while overlooking the human element.
Ironically, this hack comes just months after Brazilian lawmakers started to warm up to crypto. In February, proposals were made to allow investment funds to allocate capital to digital assets.
“font-weight: 400;”>Still, while the central bank hack was mostly involved in fiat currency, the hackers using crypto to launder the stolen funds show the dual nature of blockchain technology as a tool for empowerment and as a vector for abuse.
“font-weight: 400;”>CertiK recently published findings that show a jaw-dropping $2.5 billion lost to hacks and scams in just the first half of the year. Overall, the $140 million hack should serve as a wake-up call to both public institutions and private tech companies.
To prevent further occurrences, organizations must rethink how they manage access and build their infrastructure.
The post $140 Million Stolen: Brazilian Banking Infrastructure Gets Hacked Overnight appeared first on Live Bitcoin News.