Police in Brazil have arrested a suspect in connection with a major cyberattack that stole over one hundred million dollars. The breach affected Brazil’s widely used instant payment system, known to the public as PIX. Hackers targeted C&M, a software company that connects financial institutions to the country’s national Central Bank. The company enables PIX instant payment transactions for many financial institutions in Brazil.
Police officials have identified the primary suspect as João Roque, a C&M employee who worked in information technology.
He allegedly helped the other cybercriminals gain unauthorized access to the PIX instant payment system for their attack. According to the police, Roque told investigators that he sold his credentials to the hackers who recruited him. After breaching the company’s system, the hackers carried out massive fake PIX operations during a single night. The widespread fraud did not affect individual clients but only the financial institutions that had contracted with C&M.
The police are now trying to identify other members of the group who participated in this major cyberattack. They said that at least four more people participated in the sophisticated and well-coordinated cyberattack against the company. Authorities are also currently tracking and attempting to freeze all of the suspected assets that were stolen. So far, the authorities have successfully blocked 270 million reais that are linked to this particular criminal scheme.
Brazil’s Central Bank suspended part of C&M’s operations after the company took measures to reduce further risk.
C&M said in a statement that it is cooperating with authorities in the ongoing investigation. Preliminary evidence indicates the breach stemmed from unauthorized access to security credentials through social engineering tactics. The company has claimed that the breach did not result from any inherent flaws in its software systems. Police in Sao Paulo said the $100 million loss refers to just one financial institution that worked with C&M. This means that the total financial losses from this incident could be much higher than first reported.