Specialists in European IT recruitment

Offering complete and comprehensive recruitment solutions to some of the largest Consultancies, Vendors and Blue Chips across Europe. Be confident in the knowledge that Sequential PS can find the right person for the job - while always ensuring complete employment compliance across Europe.

Specialists in European IT recruitment

Think Sequential. Think Solutions.

Continually offering tailored, successful recruitment solutions to IT Professionals across Europe. We are here to advise on and secure that next move.

Think Sequential. Think Solutions.

Latest News

  • Smart Phone Listening
    31  Mar
    It all began with a car crash. I was doing some ironing when my mum came in to tell me that a family friend had been killed in a road accident in Thailand.
  • The need for a board-level Cybersecurity Committee
    31  Dec
    Why It's Time For A Board-Level Cybersecurity Committee
  • Huge Russian cyber criminal theft
    06  Aug
    Russian cyber criminals steal 1.2 billion usernames and passwords
  • Why IAM will be worth over $10 billion by 2018
    11  Jul
    Enterprises are increasing their investment in Identity and Access Management (IAM) solutions. According to research firm MarketsandMarkets, the IAM Market is expected to grow 15.1% over the five year...
  • The Ways Google Glass Users Risk Breaking UK Privacy Laws
    04  Jul
    There is much hyperbole around Google Glass’ impact on privacy and the apparent widening of the panopticon of surveillance the wearable technology will help bring about. Yet whatever moral issues are ...

Boleto malware may lose Brazil $3.75bn

An estimated 495,753 Boleto transactions have been compromised, which means the hackers could have stolen up to $3.75bn (£2.18bn).

Researchers say it is not known whether the fraudsters were successful in collecting on all of the transactions.

Boleto Bancario allows an individual to pay an exact amount to a merchant and can be used for almost every kind of transaction, from the weekly shop to phone bills.

Boletos can be used and generated both online for electric transfers and offline with printed paper.


The attack has been described by US-based security company RSA, a division of data storage corporation EMC, as "a major fraud operation and a serious cybercrime threat to banks, merchants and banking customers in Brazil".

It is not clear how much has been stolen or whether all the funds were successfully redirected to fraudster-controlled bank accounts.

However, this will have been the largest electronic theft in history if even half of the valued worth turns out to be in the hands of criminals, according to the New York Times.

The number of infected PCs totals 192,227 - an additional 83,506 email user credentials have also been stolen.

Known colloquially as a man-in-the-browser threat, the malware silently injects itself into users' web browsers after hackers have initially tricked individuals into clicking malicious links in seemingly ordinary looking emails. This is similar in principle to phishing scams.

Once the malware is in the browser, fraudsters can begin to intercept and alter Boleto details. This activity is invisible to the user.

"Because of its stealth capabilities, end-users also have little chance of detecting Boleto fraud on their own," said RSA researchers.

Google's Chrome, Mozilla's Firefox and Microsoft's Internet Explorer are all vulnerable to the attack.

'A serious impact'

"Brazil has long been a hotbed of cybercrime, and although we don't know exactly what financial impact may have been caused by this sophisticated attack it's possible that different factors might have helped the hackers get away with it," said computer security analyst Graham Cluley.

"Sadly Brazilian computers aren't always necessarily running the very latest anti-virus software, and because Boletos aren't used outside of Brazil it might have made security companies less vigilant about the threat."

Boletos are the second most popular payment method in Brazil, responsible for an estimated 18% of all purchases during 2012.

"Such attacks will have a serious impact on the confidence we place in increasingly common digital payment methods," warned Dr Andrew Rogoyski, chair of techUK cyber-security group.

Mr Cluley advises users to "be cautious about opening unsolicited email attachments or clicking on unknown links, and keep your computer updated with security patches and the latest anti-virus".