Blockchain investigator ZachXBT revealed that the perpetrators of a $140 million hack involving a Brazilian Central Bank service provider have begun laundering the stolen funds through cryptocurrencies.
According to his investigation, the Brazilian bank hackers converted between $30 million and $40 million of the stolen funds into cryptocurrencies such as Bitcoin, Ethereum, and Tether.
Social Engineering Attack, Cause of Brazil's $140 Million Crypto Hack
He added that these conversions were made through Latin American over-the-counter (OTC) platforms and cryptocurrency exchanges.
"I will disclose when I can share the stolen addresses related to the incident. I am helping to track and freeze funds and label-less OTC." – ZachXBT, added on Telegram.
On June 30th, hackers unauthorized accessed the preliminary accounts of six financial institutions connected to the Brazilian Central Bank through C&M Software.
According to the report, the attackers stole approximately 800 million reais (about $140 million). This theft was described as the largest digital robbery in the country's history.
C&M Software confirmed that the breach began with a social engineering attack. In this attack, employee João Nazareno Roque sold his login credentials to the attackers for about 15,000 reais (approximately $2,780).
"In this case, according to the report provided to the police authorities, the CMSW employee was accessed by a third party 'connected to hackers' from outside the company, with a promise of financial gain. The access began with his personal credentials, but additional credentials or secondary authentication mechanisms may have been used, which are currently under technical analysis." – the company stated.
Meanwhile, C&M Software emphasized that the incident stemmed from the misuse of internal credentials and there was no external technical breach.
The company also stressed that its infrastructure was not compromised and that internal controls played a crucial role in quickly containing the threat and ongoing investigation.
Considering this, security experts pointed out that this breach highlights the increasing risks of social engineering attacks. In such attacks, criminals manipulate employees to access critical systems and data.
"The weakest link is always the human." – Fernando Molina, Blockworks data analyst, said.
Social engineering attacks such as phishing, impersonation, and fake support channels are increasing globally. Specifically, according to a Sprinto report, 98% of cyber attackers use these tactics to obtain sensitive information.
Meanwhile, these types of attacks are also common in the cryptocurrency sector. ZachXBT recently revealed that an American elderly person lost $330 million in Bitcoin through a similar method.
Additionally, according to a Scam Sniffer report, over 43,000 cryptocurrency users lost approximately $39 million to cryptocurrency phishing scams in the first half of this year.
