Hackers have stolen $100 million from Brazil's banking system by allegedly exploiting a single IT employee at C&M Software, a company linking financial institutions to the Central Bank's PIX payment network.
João Nazareno Roque worked as a junior back-end developer at C&M. He was already in his 40s when he decided to make a career change.
"I'm at an age where many people expect to already hold C-level positions, but I'm here eager to start over, with the sparkle in my eyes and the drive of a young man," Roque wrote online shortly before authorities arrested him.
In March 2025, hackers targeted Roque because of his position at C&M. A stranger approached him outside a bar in São Paulo, demonstrated detailed knowledge of Roque's job, and offered cash in exchange for access credentials.
Roque allegedly accepted the offer and handed over his login credentials for around $925. Two weeks later, the hackers offered Roque another $1,850 to help carry out additional fraudulent commands on C&M's systems.
Using Roque's credentials, the attacker executed large-scale fraudulent PIX transactions in just one night and managed to transfer almost $100 million from at least six financial institutions connected through C&M's software.
The theft alarmed Brazil's financial community. Investigators quickly froze around half the stolen funds, and authorities are still pursuing at least four other suspects they say are directly linked to the cyberattack.
The hackers exploited no software vulnerabilities at C&M. Instead, they manipulated an insider using social engineering techniques.
"Preliminary evidence indicates the breach resulted from unauthorized access to credentials through social engineering—not flaws in our systems," C&M stated publicly following Roque's arrest.
Following the breach, Brazil's Central Bank temporarily suspended parts of C&M's operations and initiated a massive investigation.
Silviu is a seasoned writer who has followed the technology world for almost two decades, covering topics ranging from software to hardware and everything in between.