C&M Worker Paid $920 in $140 Million Bank Hack

Hackers siphoned nearly $140 million from six Brazilian banks by exploiting login credentials purchased from an employee at C&M, a company specializing in financial connectivity services. The C&M worker received just $920 in exchange for the sensitive access, which attackers later used to orchestrate one of the country’s most damaging cyber heists.

The breach targeted C&M’s infrastructure, allowing the intruders to infiltrate the banking systems through legitimate channels. By leveraging real credentials, the attackers bypassed traditional security mechanisms and gained direct access to critical financial platforms. Authorities have not disclosed the names of the affected banks.

Investigators revealed that the C&M worker paid $920 played a pivotal role in enabling the operation, though it remains unclear whether the employee acted knowingly or was deceived. The incident highlights the growing threat of credential-based attacks and insider involvement in large-scale financial crimes.

Read the full report at:
https://www.bleepingcomputer.com/news/security/employee-gets-920-for-credentials-used-in-140-million-bank-heist/