On June 30, 2025, hackers executed the largest-ever cyberattack on Brazil's banking system by exploiting a critical vulnerability in C&M Software, a Central Bank-authorized service provider that manages API connections for Brazilian financial institutions.
They stole over R$1 billion (approximately $180 million) from reserve accounts linked to multiple banks. The attackers gained unauthorized access through C&M’s role as a messaging gateway for Brazil’s Instant Payment System (PIX), allowing them to manipulate transfer protocols connecting banks, fintechs, and payment processors to the national financial infrastructure.
Immediately after the theft, the hackers began converting the stolen funds into cryptocurrencies, primarily Bitcoin and the stablecoin USDT, using cryptocurrency exchanges, gateways, and over-the-counter (OTC) desks integrated with PIX.
Several crypto service providers detected suspicious transactions, blocked operations, and froze accounts linked to the attack. Despite the breach, BMP confirmed that no customer funds were accessed, as the attack only involved its reserve account at the Central Bank.
This incident highlights the increasing use of cryptocurrencies as a channel for laundering proceeds from traditional financial crimes, given their liquidity and pseudo-anonymity.
Regulatory bodies and law enforcement are now focusing on tracing stolen funds across blockchain networks and coordinating internationally to freeze assets and identify perpetrators. The Brazilian authorities are actively investigating the case and working with crypto platforms to mitigate the damage.
It's me, @justmythoughts, an ordinary Hive user looking to make the most of the platform. I will appreciate your support. Follow me for more. Thanks, Gracias :)
Posted Using INLEO
