More NewsCyber Criminals Target Brazilian Online Payments System

Cyber Criminals Target Brazilian Online Payments System

Cyber criminals, who targeted Brazil’s popular Boleto Bancário online payment system using malicious software, may have stolen billions of dollars. Brazilians routinely use Boletos to process online payments, including small business transactions.

US provider of IT storage hardware EMC Corp said its RSA Security unit reports that the criminals have been using software known as ‘Eupuds’ to steal funds from customers of the payment system, redirecting them to fraudulent accounts.

RSA estimates that fraudsters sought to siphon off as much as 8.6bn reais (BRL), equivalent to US$3.9bn from more than 192,000 accounts. However, the actual amount stolen could be less as researchers were unable to confirm which Boletos were actually paid out.

They believe the operation is still ongoing and have offered to assist Brazilian authorities in tracking down the perpetrators, who may have begun their operation more than 18 months ago. RSA said it met with members of Federação Brasileira de Bancos (Febraban), the group that represents Brazil’s banking industry.

The malware currently only targets Boleto transactions processed on PCs running Microsoft Corp’s Windows software.

“We’re concerned that the attackers will be able to develop the malware for other platforms,” said Jason Rader, director of cyber threat intelligence with RSA.

“These attackers have online and offline techniques, and they’ve understood vulnerabilities in these operating systems.”

Comments are closed.

Subscribe to get your daily business insights

Whitepapers & Resources

2021 Transaction Banking Services Survey
Banking

2021 Transaction Banking Services Survey

2y
CGI Transaction Banking Survey 2020

CGI Transaction Banking Survey 2020

4y
TIS Sanction Screening Survey Report
Payments

TIS Sanction Screening Survey Report

5y
Enhancing your strategic position: Digitalization in Treasury
Payments

Enhancing your strategic position: Digitalization in Treasury

5y
Netting: An Immersive Guide to Global Reconciliation

Netting: An Immersive Guide to Global Reconciliation

5y