$140 Million Brazil Bank Heist Turns Crypto: Hackers Funnel Up to $40 Million Through OTC Desks

Blockchain investigator ZachXBT has revealed that hackers responsible for a $140 million breach involving a Central Bank of Brazil service provider have started laundering the stolen funds through cryptocurrencies.

According to his findings, the attackers behind the Brazil bank breach converted between $30 million and $40 million of the stolen funds into crypto assets like Bitcoin, Ethereum, and Tether.

Social Engineering Attack Blamed for $140 Million Crypto-Linked Hack in Brazil

He added that these conversions were carried out through Latin American over-the-counter (OTC) platforms and crypto exchanges.

“I’ll publish theft addresses related to the incident that I found when it’s ok to share them as I have been helping freeze funds and attributing unlabeled OTCs,” ZachXBT added on Telegram.

On June 30, the hackers gained unauthorized access to the reserve accounts of six financial institutions connected to Brazil’s Central Bank via C&M Software.

According to reports, the attackers siphoned off R$800 million (approximately $140 million). This theft has been described as the largest digital heist in the country’s history.

C&M Software confirmed that the breach began with a social engineering attack. In this attack, its employee João Nazareno Roque sold his login credentials to the attackers for around R$15,000 (about $2,780).

“In this case, according to the report provided to the police authorities, the CMSW employee was approached outside the company premises by a third party who introduced himself as ‘connected to hackers’ and promised him financial benefits. The access began with his personal credentials, but there are indications that additional credentials or auxiliary authentication mechanisms were used, which is currently under technical analysis,” the firm stated.

Meanwhile, C&M Software emphasized that the incident stemmed from the misuse of internal credentials and not from any external technical breach.

The firm also stressed that its infrastructure remained uncompromised. It emphasized that its internal controls played a vital role in quickly containing the threat and supporting the ongoing investigation.

Considering this, security experts pointed out that the breach highlights the growing risk of social engineering attacks. In these attacks, perpetrators manipulate employees to gain access to critical systems and data.

“The weakest link is always human,” Fernando Molina, a data analyst at Blockworks said.

Social engineering attacks, such as phishing, impersonation, and fake support channels, are on the rise globally. Notably, a Sprinto report stated that 98% of cyber attackers use these tactics to access sensitive information.

Meanwhile, these types of attacks are also prevalent in the crypto scene. ZachXBT recently revealed that an elderly American lost $330 million in Bitcoin through a similar scheme.

Crypto Phishing Report. Source:

Moreover, a report from Scam Sniffer also revealed that more than 43,000 crypto users lost around $39 million to crypto phishing scams in the first half of the year.