22 August 2017
Find out more

Brazilian scammers score $3.75 billion in malware bank fraud

03 July 2014  |  8310 views  |  3 Brazilina flag 2

Brazilian criminal gangs have netted $3.75 billion in a micro-transaction fraud that compromises transactions made using the popular Boleto payment method.

RSA Research has discovered a Boleto malware or 'Bolware' fraud ring that may have compromised 495,753 Boleto transactions over a two-year period. The malware uses Man-in-the Browser attack vectors to intercept and modify Boleto information so that payments are redirected to a fraudster's account.

The Boleto system - in which consumers use merchant-generated invoices for B2B and retail purchases - is regulated by Banco Central do Brasil and has become the second most popular payment method (behind credit cards) in Brazil, accounting for an estimated 18% of all spending in the country during 2012.

Boletos can be generated both offline (printed copies) and mailed to customers, or online (by online stores for example) for electronic payments. Their popularity has risen because of the convenience for consumers who don't require a personal bank account to make payments using Boletos. Importantly, for the scammers, payments made via this method are not subject to chargebacks and can only be reverted by bank transfer.

To date, RSA Research has discovered the total value of all Boletos that were harvested by the Bolware C&C server amount to a total of US$3.75 billion. While the scammers behind this operation may have had the potential to cash out these modified Boletos, it is not known exactly whether all the funds were successfully redirected to fraudster-controlled bank accounts.

Up to 34 banks are believed to have lost money to the operation. RSA has turned over its research to both US and Brazilian law enforcement and has been in direct contact with the banks in question.

Comments: (3)

Stephen Bowen
Stephen Bowen - IRIS Analytics GmbH - Neu-Isenburg | 04 July, 2014, 10:33

Surely this is $3.75m not $3.75billion? If it were billion, then each payment would be worth $7,500 - not exactly "micro".

Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
Gerard Hergenroeder
Gerard Hergenroeder - IBM - New York | 07 July, 2014, 14:34

I agree it must be $ millions, not $ bilions. But, the fact still remains the systems was compromised which hurts its future growth.

Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
Stephen Bowen
Stephen Bowen - IRIS Analytics GmbH - Neu-Isenburg | 08 July, 2014, 12:44

I have just seen a copy of the RSA report on this fraud, and it does seem that the losses could amount to US$3.75bn. Unbelievable.

Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
Comment on this story (membership required)

Finextra news in your inbox

For Finextra's free daily newsletter, breaking news flashes and weekly jobs board: sign up now

Related stories

Korean banks under siege from Android malware

Korean banks under siege from Android malware

27 June 2014  |  9156 views  |  0 comments | 6 tweets | 8 linkedin
Ransomware moves to the mobile - and it's after your banking data

Ransomware moves to the mobile - and it's after your banking data

17 June 2014  |  5945 views  |  0 comments | 9 tweets | 5 linkedin
Researchers find more than 100 malware families targeting bitcoin

Researchers find more than 100 malware families targeting bitcoin

27 February 2014  |  6839 views  |  1 comments | 8 tweets | 3 linkedin
Cyber-crime cops bust malware ring behind £1 million bank thefts

Cyber-crime cops bust malware ring behind £1 million bank thefts

11 December 2013  |  5525 views  |  0 comments | 8 tweets | 5 linkedin
Carberp banking malware source code leaked

Carberp banking malware source code leaked

27 June 2013  |  5190 views  |  0 comments | 2 linkedin
Cheque forgers move into 21st century with phishing and malware

Cheque forgers move into 21st century with phishing and malware

24 April 2012  |  6724 views  |  0 comments
Russian security services bust notorious malware ring

Russian security services bust notorious malware ring

21 March 2012  |  6414 views  |  0 comments

Related company news

 

Related blogs

Create a blog about this story (membership required)
visit www.dorsum.eudownload the paper nowvisit www.worldpaymentsreport.com

Who is commenting?

A Finextra member Finextra Member Commented on: Real-time payments in...
A Finextra member Finextra Member Commented on: Barclays uses sensors...

Top topics

Most viewed Most shared
Mobile contactless spending accelerating in UKMobile contactless spending accelerating i...
12114 views comments | 26 tweets | 23 linkedin
Barclays pairs banking data with third party apps for SmartBusiness DashboardBarclays pairs banking data with third par...
10569 views comments | 22 tweets | 32 linkedin
hands typing furiouslyWhy Is Risk Analytics Important?
9998 views 0 | 5 tweets | 1 linkedin
RBS to bring Silicon Valley to EdinburghRBS to bring Silicon Valley to Edinburgh
9814 views comments | 10 tweets | 8 linkedin
Norwegian banks and startups form fintech clusterNorwegian banks and startups form fintech...
9709 views comments | 19 tweets | 23 linkedin