Brazilian law enforcement has uncovered an audacious cybercrime operation in which hackers infiltrated the central bank reserves of multiple financial institutions, siphoning off nearly $148 million—all with the help of a bribed IT technician who allegedly accepted less than $3,000 for his role in the breach.
The suspect, 48-year-old João Nazareno Roque, was an employee of C&M, a financial software firm that manages payment systems between smaller banks and Brazil’s central bank. According to reports from g1 Globo, Roque claimed he was approached by a stranger outside a bar who knew about his work at C&M. After negotiations, he allegedly accepted a mere 15,000 Brazilian reais (about $2,770 USD) in exchange for granting the hackers access to the company’s internal systems.
The Attack: Swift, Bold, and Nearly Successful In the early hours of June 30,
the cybercriminals exploited their unauthorized access to redirect roughly 800 million reais ($147.7 million) from client bank reserves into accounts they controlled. The fraudulent transactions continued for nearly two and a half hours before C&M’s client, BMP, detected the suspicious activity and triggered a shutdown.
Blockchain investigator ZachXBT estimates that the hackers managed to convert $30-40 million of the stolen funds into cryptocurrencies—including Bitcoin (BTC), Ethereum (ETH), and Tether (USDT)—likely using over-the-counter (OTC) exchanges to obscure the money trail.
Recovery Efforts and Arrests
Authorities have since frozen several suspect accounts, recovering approximately $50 million of the stolen reserves. BMP, which lost $73.8 million, has reportedly reclaimed $29.5 million, according to CEO Carlos Benitez.
Roque was arrested on July 3 and remains in custody as investigations continue. Despite the massive breach, a source told Reuters that no end clients suffered direct losses, as the stolen funds were drawn exclusively from institutional reserve accounts.
This incident highlights the critical vulnerabilities in third-party financial infrastructure and raises alarming questions about insider threats in high-security banking systems. With cybercriminals increasingly targeting weak links—whether through bribes or coercion—financial institutions may need to reassess internal safeguards to prevent similar breaches.
(Sources: g1 Globo, Reuters, NeoFeed, ZachXBT)
Only for Education perpouse not financial advice!
#Brazil #BTC #BrazilBitcoin #crypto #ETH