Cyber Criminals Target Brazilian Online Payments System

Cyber criminals, who targeted Brazil’s popular Boleto Bancário online payment system using malicious software, may have stolen billions of dollars. Brazilians routinely use Boletos to process online payments, including small business transactions.

EMC Corp, a US provider of IT storage hardware, said its RSA Security unit reported that the criminals have been using software known as ‘Eupuds’ to steal funds from customers of the payment system, redirecting the funds to fraudulent accounts.

RSA estimates that fraudsters sought to siphon off as much as 8.6bn reais (BRL), equivalent to US$3.9bn, from more than 192,000 accounts. However, the actual amount stolen could be less, as researchers were unable to confirm which Boletos were actually paid out.

They believe the operation is still ongoing and have offered to assist Brazilian authorities in tracking down the perpetrators, who may have begun their operation more than 18 months ago. RSA said it met with members of Federação Brasileira de Bancos (Febraban), the group that represents Brazil’s banking industry.

The malware currently only targets Boleto transactions processed on PCs running Microsoft Corp’s Windows software.

“We’re concerned that the attackers will be able to develop the malware for other platforms,” said Jason Rader, director of cyber threat intelligence with RSA.

“These attackers have online and offline techniques, and they’ve understood vulnerabilities in these operating systems.”

