The recent ~$140M (R$ 800M) cyberattack on the Central Bank of Brazil services provider C&M Software is easily one of the most insane cases from this year.

Six financial institutions experienced unauthorized access to their reserve accounts on June 30, 2025.

Attackers converted fiat to BTC / ETH / USDT via Latam OTCs / exchanges. By my estimate at least $30-40M was converted to crypto.

Brazilian law enforcement has since shared the threat actor paid an employee at C&M only $2.76K (R$ 15K) for his corporate login and password.

I'll publish theft addresses related to the incident that I found when it's ok to share them as I have been helping freeze funds and attributing unlabeled OTCs.

Have not seen much coverage on the incident outside of Brazil.