Digital News Brazil

Brazil cyber theft could be biggest ever

BRASILIA, BRAZIL: A scheme that has been skimming funds from Brazilian bank payments over the past two years may be the largest cybercrime heist in history, at some $3.75bn, security researchers say.
Brasilia, Brazil's capital... The cyber theft that took place in the country could be biggest ever. (Image: Wikimedia Commons)
Brasilia, Brazil's capital... The cyber theft that took place in the country could be biggest ever. (Image: Wikimedia Commons)

The scheme targets a Brazilian payment system called the Boleto, which can be issued online and used for most types of payments in the South American country, according to a report from the security firm RSA which appeared last week and has gained attention in cyber security circles.

RSA researchers said the fraud scheme that first emerged in 2012 infected over 192,000 computers and led to some 495,000 fraudulent transactions.

The total amount of losses for 30 banks was estimated at up to $3.75bn, the researchers said.

Boletos are similar to money orders, and are extremely popular in Brazil for online and offline payments,

RSA said the "Bolware" malware effectively disguises the transactions, making it hard for consumers to detect fraud.

It said banks in Brazil "have made significant investments to battle this malware using a variety of different security and anti-malware measures" but that "the Bolware gang has continued to innovate, revising their purpose-built malware through 19 different versions."

Brian Donahue at the security firm Kaspersky Labs said Boleta fraud has been known for some time but that the amounts are disputed.

"I have been told the number may sit near $1.1bn," he said in a blog post Wednesday.

"Whichever is correct, Boletos are costing Brazil a lot of money."

Gary Davis at McAfee Labs said the malware is spread "through familiar phishing techniques that any online user can fall prey to."

The hackers "used advanced evasion techniques - techniques which either erase or hide the footprints of malware - to avoid detection by anti-malware programs and plug-ins," Davis said in a blog.

Source: AFP, via I-Net Bridge


For more than two decades, I-Net Bridge has been one of South Africa’s preferred electronic providers of innovative solutions, data of the highest calibre, reliable platforms and excellent supporting systems. Our products include workstations, web applications and data feeds packaged with in-depth news and powerful analytical tools empowering clients to make meaningful decisions.

We pride ourselves on our wide variety of in-house skills, encompassing multiple platforms and applications. These skills enable us to not only function as a first class facility, but also design, implement and support all our client needs at a level that confirms I-Net Bridge a leader in its field.

Go to:

Let's do Biz