Hackers try to steal R$ 8.6 billion using bank slip malware

For some time now, bank slips have been the target of hackers: the infected PC changes the document and, when you pay it, you actually deposit money into the attacker's account. But the Federal Police and the FBI discovered an international scheme that tried to steal R$ 8.57 billion in this way – it is the “boleto gang”.

According to Folha de S. Paulo, almost half a million boletos are on the gang's servers in the US. However, not all were paid: only the police investigation will be able to discover the value of the fraud. 192,000 computers have been infected since 2012, all running Windows.

The scheme was discovered by RSA teams in Brazil, the US and Israel, who posed as hackers in restricted online communities and managed to reach the gang's 40 computers in the US.

And how does the scam work? It involves “bolware”, or boleto malware. The New York Times explains:

Criminals infected PCs by sending emails with malicious links and attachments that, once clicked, would download the bolware onto the computer.

The bolware was installed on the Windows operating system and worked through web browsers – including Google Chrome, Mozilla Firefox and Microsoft Internet Explorer – where it modified slips and redirected payments directly to the criminals' own accounts. The bolware also collected users' email credentials, likely to send more malicious emails and infect more computers.

It is difficult to identify a fake boleto, because the original is intercepted before you can even see it: it is sent to the gang's server in the USA, modified and only then displayed to the user.

The bolware also affects the payment of printed slips: it detects when you enter the numerical code, and changes it so that the amount is deposited into the criminals' account.
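A defender-side check for the typed numerical code, added here as an example (it is not from the article or from RSA): it validates the three mod-10 field check digits, then compares the bank code and amount with what an invoice obtained over a trusted channel says, since a rewritten line with recomputed check digits still passes the checksum. It assumes the standard 47-digit bank boleto layout, which the article does not describe; the function names and sample lines are constructed for illustration.

```python
import re

def mod10(digits: str) -> int:
    """Check digit: weights 2,1,2,... from the right, digits of each product summed."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        product = int(ch) * (2 if i % 2 == 0 else 1)
        total += product // 10 + product % 10
    return (10 - total % 10) % 10

def parse_line(line: str) -> dict:
    """Parse a 47-digit typed line; raise ValueError on a bad length or check digit."""
    d = re.sub(r"\D", "", line)
    if len(d) != 47:
        raise ValueError(f"expected 47 digits, got {len(d)}")
    for n, field in enumerate((d[0:10], d[10:21], d[21:32]), start=1):
        if mod10(field[:-1]) != int(field[-1]):
            raise ValueError(f"check digit mismatch in field {n}")
    # d[32] is the overall mod-11 digit (not verified here), d[33:37] the due-date factor.
    return {"bank": d[0:3], "amount_cents": int(d[37:47])}

def audit(line: str, expected_bank: str, expected_cents: int) -> list:
    """Return findings for a typed line versus what the trusted invoice says."""
    try:
        info = parse_line(line)
    except ValueError as err:
        return [str(err)]
    findings = []
    if info["bank"] != expected_bank:
        findings.append(f"bank code {info['bank']} differs from expected {expected_bank}")
    if info["amount_cents"] != expected_cents:
        findings.append(f"amount {info['amount_cents']} differs from expected {expected_cents}")
    return findings

# Constructed sample lines (not real slips); the overall digit "1" is a placeholder.
GENUINE = "00190.00009 12345.678903 09876.543217 1 10000000015000"
TAMPERED = "99990.00004 12345.678903 09876.543217 1 10000000015000"  # check digits recomputed

if __name__ == "__main__":
    for name, line in (("genuine", GENUINE), ("tampered", TAMPERED)):
        print(name, audit(line, expected_bank="001", expected_cents=15000) or "ok")
```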

This malware was first detected in 2012, but never in such a gigantic scheme organized by a single gang. According to Febraban, the entity that represents banks, 95% of bank robberies in Brazil occur through electronic fraud.

But the entity told Folha that the handling of slips “seems technically inconsistent”, and recalls that slips represented only 4.5% of the volume of payments last year. According to the Central Bank, more than six billion boletos were issued in the country in 2013.

To avoid bolware, the procedure is the same as for staying away from any malware: install a good free antivirus – we recommend the free Avast with these tweaks – and don't click on links in suspicious emails. And for anyone thinking about leaving Windows, a warning: Jason Rader of RSA says he is “concerned that hackers will develop malware for other platforms”.
