Brazilian Financial Institutions Targeted in US $180 Million Cyber Heist 

• Hackers managed to steal over R $1 billion from the reserve accounts of multiple financial institutions in Brazil.
• BMP, Bradesco, and Credsystem were among the targeted entities in the country via a C&M Software flaw exploit.
• The attackers ultimately laundered and converted the funds into Bitcoin and USDT.

Hackers have successfully executed a high-profile cyber heist, siphoning over R$1 billion (approximately US $180 million) from reserve accounts at prominent financial institutions in Brazil, including BMP, Bradesco, and Credsystem. 

The breach exploited a vulnerability in the infrastructure of C&M Software, a technology provider officially licensed by the Central Bank of Brazil.  

The attackers capitalized on this security weakness to infiltrate and extract funds from the reserve accounts hosted by C&M Software. Following the breach, the stolen money was funneled through an intricate money-laundering network. 

Utilizing Brazil’s Pix payment system, the actors converted the funds into Bitcoin and USDT, leveraging crypto exchanges, OTC desks, and digital swap platforms integrated with Pix to cover their tracks and obscure the origin of the money.  

C&M Software’s role as an authorized technology intermediary for the Central Bank introduces significant implications for trust and security within Brazil’s banking ecosystem. 

With attackers targeting such centralized yet highly interconnected systems, the potential for cascading impacts on financial stability becomes a grave concern.  

The use of Pix, Brazil's instant payment network that has been praised for its speed and efficiency, as a conduit for laundering proceeds further amplifies the fallout. 

The Central Bank of Brazil said, “C&M Software, a technology service provider for institutions that provide transactional accounts that do not have their own means of connection, reported an attack on its technological infrastructure. The Central Bank ordered C&M to disconnect the institutions’ access to the infrastructures it operates.”

The integration of crypto assets with mainstream payment platforms accelerates fund transfers and complicates detection and prevention efforts, creating an opaque financial pathway that can be exploited by malicious actors.