SAO PAULO — A massive cybercrime ring in Brazil may have stolen billions of dollars from a widely used online payment system, a technology security company said.
The RSA Security division of EMC Corp. said in a research report released Wednesday that a “malware-based fraud ring” had infiltrated the online payment method known as the boleto, diverting payments to accounts held by members of the ring.
Boletos are used in a wide range of transactions, such as telephone, school tuition, mortgage and credit card payments.
The report said the scheme may have compromised close to 500,000 transactions with an estimated value of $3.75 billion over a two-year period. However, researchers were unable to determine how many of those boletos were paid by victims or whether they went to fraudster-controlled bank accounts.
It said transactions of 34 banks were affected, though it did not name the banks.
The Federation of Brazilian Banks that represents Brazil’s banking industry said the country’s banks lost about $700 million to electronic fraud in 2012.
RSA said it turned over its report to Brazil’s federal police, to the Federal Bureau of Investigation and to the federation.
The federal police and the federation said they had no immediate comment.
According to the report, the boleto system is the second most popular payment method in Brazil after credit cards.
Send questions/comments to the editors.
Success. Please wait for the page to reload. If the page does not reload within 5 seconds, please refresh the page.
Enter your email and password to access comments.
Hi, to comment on stories you must . This profile is in addition to your subscription and website login.
Already have a commenting profile? .
Invalid username/password.
Please check your email to confirm and complete your registration.
Only subscribers are eligible to post comments. Please subscribe or login first for digital access. Here’s why.
Use the form below to reset your password. When you've submitted your account email, we will send an email with a reset code.