Hackers Steal $140 Million from Brazilian Central Bank, Launder Funds Through Crypto

A sophisticated cyberattack targeting Brazil’s central bank reserve accounts has resulted in the theft of over $140 million (R$800 million), much of which was swiftly funneled through cryptocurrency channels.

The breach, which occurred on June 30, stemmed from compromised access to São Paulo-based fintech provider C&M Software, according to information from blockchain investigator ZachXBT and Brazilian authorities.

The scheme began when João Nazareno Roque, a C&M employee, allegedly sold his login credentials for roughly $2,770 and later developed a second access mechanism for an additional $1,850, giving attackers full control over the vendor’s infrastructure. This access enabled unauthorized fund transfers from six reserve accounts held at the Central Bank of Brazil, moving the money into accounts linked to regional crypto exchanges and OTC desks.

Investigators estimate that $30–$40 million of the stolen funds have already been converted into Bitcoin, Ethereum, and USDT. Transaction records reveal the hackers routed funds across exchanges in Brazil, Argentina, and Paraguay, relying on OTC brokers to convert stolen fiat into crypto within hours.

Authorities have frozen R$270 million ($49.8 million) so far and are working to trace remaining assets. Roque remains in custody, with law enforcement alleging that he frequently changed phones to evade tracking.

READ MORE:

Donald Trump Signs “One Big Beautiful Bill”: How It Can Reshape the Crypto Market

Crypto Laundering Raises Red Flags

While laundering efforts were rapid, sources say several Brazilian OTC platforms refused to process the large transactions, triggering alarms. Exchange operators have since begun freezing wallets tied to flagged addresses, though Federal Police declined to confirm which platforms were involved.

In response, the central bank disconnected C&M-linked institutions temporarily and is reviewing future access controls. Officials suggest that payment systems like PIX may undergo tighter regulation.

The federal probe is ongoing, with Brazilian authorities prioritizing fund recovery and dismantling the criminal network behind one of the country’s largest financial cyberheists to date.

Kosta Gushterov

Kosta has been working in the crypto industry for over 4 years. He strives to present different perspectives on a given topic and enjoys the sector for its transparency and dynamism. In his work, he focuses on balanced coverage of events and developments in the crypto space, providing information to his readers from a neutral perspective.