Brazil’s $140M Bank Heist Goes Crypto: Hackers Launder $40M via OTC Desks in Bold Digital Pivot

Cybercriminals just schooled traditional finance on liquidity—the hard way. After siphoning $140 million from a Brazilian bank, they’re funneling up to $40 million through crypto OTC desks. Who needs SWIFT when you’ve got unregulated exit ramps?

The OTC shuffle

Over-the-counter crypto trades—the shadowy alleyways of digital finance—just became the hottest laundry service in town. No KYC, no problem. Hackers sliced through fiat rails like butter, proving once again that blockchain doesn’t discriminate between legit traders and thieves.

Bank heists meet DeFi

While regulators hyperventilate over stablecoins, real-world criminals are executing the ultimate cross-chain bridge: from vaults to VASPs. The takeaway? Banks still can’t count their vaults, but blockchain’s transparency might just catch these clowns—after they’ve cashed out, naturally.

Another day, another case of ‘unbanked’ funds finding their way into crypto—ironic, given how often bankers call it a haven for criminals. Maybe they’re just jealous of the efficiency.

Social Engineering Attack Blamed for $140 Million Crypto-Linked Hack in Brazil

He added that these conversions were carried out through Latin American over-the-counter (OTC) platforms and crypto exchanges.

“I’ll publish theft addresses related to the incident that I found when it’s ok to share them as I have been helping freeze funds and attributing unlabeled OTCs,” ZachXBT added on Telegram.

On June 30, the hackers gained unauthorized access to the reserve accounts of six financial institutions connected to Brazil’s Central Bank via C&M Software.

According to reports, the attackers siphoned off R$800 million (approximately $140 million). This theft has been described as the largest digital heist in the country’s history.

C&M Software confirmed that the breach began with a social engineering attack. In this attack, its employee João Nazareno Roque sold his login credentials to the attackers for around R$15,000 (about $2,780).

“In this case, according to the report provided to the police authorities, the CMSW employee was approached outside the company premises by a third party who introduced himself as ‘connected to hackers’ and promised him financial benefits. The access began with his personal credentials, but there are indications that additional credentials or auxiliary authentication mechanisms were used, which is currently under technical analysis,” the firm stated.

Meanwhile, C&M Software emphasized that the incident stemmed from the misuse of internal credentials and not from any external technical breach.

The firm also stressed that its infrastructure remained uncompromised. It emphasized that its internal controls played a vital role in quickly containing the threat and supporting the ongoing investigation.

Considering this, security experts pointed out that the breach highlights the growing risk of social engineering attacks. In these attacks, perpetrators manipulate employees to gain access to critical systems and data.

“The weakest LINK is always human,” Fernando Molina, a data analyst at Blockworks said.

Social engineering attacks, such as phishing, impersonation, and fake support channels, are on the rise globally. Notably, a Sprinto report stated that 98% of cyber attackers use these tactics to access sensitive information.

Meanwhile, these types of attacks are also prevalent in the crypto scene. ZachXBT recently revealed that an elderly American lost $330 million in Bitcoin through a similar scheme.

Moreover, a report from Scam Sniffer also revealed that more than 43,000 crypto users lost around $39 million to crypto phishing scams in the first half of the year.