Do you need yet another reminder of the insider threat? Today’s example is from Brazil and involves an employee of a bank’s software vendor. CoinTelegraph reports:
C&M Software, the service provider that connects Brazil’s Central Bank to local banks and other financial institutions, was hacked on Wednesday, leading to 800 million Brazilian reais ($140 million), in stolen funds from six institutions connected to the central bank.
The hack occurred after an employee of C&M allegedly sold his login credentials to the threat actor for roughly $2,700, allowing them to access the software system and steal funds held in reserve accounts, according to Brazilian news outlet São Paulo.
Onchain detective ZachXBT said the hackers converted an estimated $30 million to $40 million of the stolen funds to Bitcoin (BTC), Ether (ETH) and USDt (USDT), which they laundered through Latin American exchanges and over-the-counter (OTC) trading platforms.
Read more at CoinTelegraph.