Security researchers had uncovered what they believe is a significant cybercrime operation in Brazil that took aim at $3.75 billion in transactions by Brazilians.It is unclear what percentage of the $3.75 billion worth of compromised transactions was actually stolen. But if even half of that value was redirected to criminals, the scope of the swindle would eclipse any other previous electronic theft.
Marcus pointed out the true profit from the 495,753 stolen transactions was unknown and the billions were potential earnings from a malware-based campaign that scraped financial details.
Marcus said "While the investigation did not yield evidence as to whether the fraudsters were successful in collecting on all of these compromised transactions, RSA researchers did find evidence of their value – estimated to be up to US$3.75 billion."
Researchers said the ring had been using what they called bolware, a play on Boletos and malware, a term for software intended for illegitimate purposes to intercept legitimate Boletos payments and redirect them to the accounts of criminals or mules, who are people paid to stand in for the criminals.
One malware gang operating a botnet had netted US$250,000 in the four months to June this year from 383 Boleto transactions, a leaked bot webpanel obtained by Brian Krebs showed.
The malware's authors were continuously updating their wares to keep abreast of defensive manoeuvres by Brazil banks and have pushed out 19 fixes to date.
Previous Boleto fraud attempts worked by sending dodgy transaction phishing requests via post and email to victims and by replacing deposit slip data with the fraudster's mule bank account details.
The researchers have handed over the victim and attacker information to US and Brazil authorities who have alerted affected banks.
Author Venkatesh Yalagandula Follow us Google + and Facebook and Twitter
