Boleto malware may lose Brazil $3.75bn

Hacker Hackers may have pocketed $3.75 Billion

Related Stories

Researchers from an American security company have unearthed a substantial malware-based fraud ring.

The operation has infiltrated one of Brazil's most popular payment methods, Boleto, for two years.

An estimated 495,753 Boleto transactions have been compromised, which means the hackers could have stolen up to $3.75bn (£2.18bn).

Researchers say it is not known whether the fraudsters were successful in collecting on all of the transactions.

Boleto Bancario allows an individual to pay an exact amount to a merchant and can be used for almost every kind of transaction, from the weekly shop to phone bills.

Boletos can be used and generated both online for electric transfers and offline with printed paper.

Start Quote

Be cautious about opening unsolicited email attachments or clicking on unknown links”

End Quote Graham Cluley Computer security analyst

The attack has been described by US-based security company RSA, a division of data storage corporation EMC, as "a major fraud operation and a serious cybercrime threat to banks, merchants and banking customers in Brazil".

It is not clear how much has been stolen or whether all the funds were successfully redirected to fraudster-controlled bank accounts.

However, this will have been the largest electronic theft in history if even half of the valued worth turns out to be in the hands of criminals, according to the New York Times.

The number of infected PCs totals 192,227 - an additional 83,506 email user credentials have also been stolen.

Known colloquially as a man-in-the-browser threat, the malware silently injects itself into users' web browsers after hackers have initially tricked individuals into clicking malicious links in seemingly ordinary looking emails. This is similar in principle to phishing scams.

Once the malware is in the browser, fraudsters can begin to intercept and alter Boleto details. This activity is invisible to the user.

"Because of its stealth capabilities, end-users also have little chance of detecting Boleto fraud on their own," said RSA researchers.

Google's Chrome, Mozilla's Firefox and Microsoft's Internet Explorer are all vulnerable to the attack.

'A serious impact'

"Brazil has long been a hotbed of cybercrime, and although we don't know exactly what financial impact may have been caused by this sophisticated attack it's possible that different factors might have helped the hackers get away with it," said computer security analyst Graham Cluley.

"Sadly Brazilian computers aren't always necessarily running the very latest anti-virus software, and because Boletos aren't used outside of Brazil it might have made security companies less vigilant about the threat."

Boletos are the second most popular payment method in Brazil, responsible for an estimated 18% of all purchases during 2012.

"Such attacks will have a serious impact on the confidence we place in increasingly common digital payment methods," warned Dr Andrew Rogoyski, chair of techUK cyber-security group.

Mr Cluley advises users to "be cautious about opening unsolicited email attachments or clicking on unknown links, and keep your computer updated with security patches and the latest anti-virus".

More on This Story

Related Stories

The BBC is not responsible for the content of external Internet sites

More Technology stories

RSS

Features & Analysis

  • Man holding lipWitch hunt

    The country where a writer accused of blasphemy must run


  • Espresso cupNews quiz

    Which city serves the strongest cup of coffee?


  • Malaysian plane wreckage in UkraineFlight risk

    How odd is it to have three plane crashes in eight days?


  • Irvine WelshDeaf ears

    Five famous Scots who can't vote in the Scottish referendum


BBC Future

(NASA)

The five greatest space hacks

We present the ultimate in DIY fixes Read more...

Programmes

  • Leader of Hamas Khaled MeshaalHARDtalk Watch

    BBC exclusive: Hamas leader on the eagerness to end bloodshed in Gaza

BBC © 2014 The BBC is not responsible for the content of external sites. Read more.

This page is best viewed in an up-to-date web browser with style sheets (CSS) enabled. While you will be able to view the content of this page in your current browser, you will not be able to get the full visual experience. Please consider upgrading your browser software or enabling style sheets (CSS) if you are able to do so.