Financial System Hacker Attack: TED Infrastructure Hit Again
Brazilian Fintech Monbank Hit by $4.9 Million Cyberattack; TED System Targeted
A recent cyberattack on Brazilian fintech Monbank resulted in the theft of $4.9 million, marking the third publicly disclosed incident targeting the Brazilian financial sector in two months. Unlike previous attacks focused on Pix, this breach exploited the TED (Transferência Eletrônica Disponível) system.
The Attack on Monbank: A Deep Dive
Fintech Monbank experienced a significant security breach on Tuesday, leading to the diversion of $4.9 million from its reserve account. This incident follows similar attacks on C&M Software and Sinqia, bringing the total number of publicly acknowledged cyberattacks on Brazilian financial institutions to three in just two months. Crucially, this attack bypassed the widely scrutinized Pix infrastructure, instead targeting the older, but still heavily used, TED system.
Sources close to the investigation, as reported by O Valor Econômico, indicate the attack occurred during a TED transaction to a non-customer. Prior attempts by the attackers to infiltrate the system through the Pix environment were successfully blocked by the Central Bank of Brazil (BC).
TED vs. Pix: Understanding the Differences and Vulnerabilities
The Brazilian Payment System (SPB) encompasses various transfer methods, with Pix and TED being two of the most prominent. Pix, launched in 2020, offers instant payments and has rapidly gained popularity. TED, while not instant, remains a vital component of interbank transfers.
| Feature | Pix | TED |
|---|---|---|
| Transaction Speed | Instant (24/7) | Batch processing (typically within a few hours) |
| Security Focus | Real-time fraud monitoring, tokenization | Conventional security protocols, reliance on account verification |
| Attack Surface | Newer system, evolving security challenges | Established system, perhaps overlooked vulnerabilities |
The fact that attackers shifted their focus from Pix to TED suggests a strategic assessment of vulnerabilities. While Pix has received significant security attention, the TED system may have presented a less fortified target. This highlights the importance of continuous security assessments across *all* payment infrastructure components.
The Common Thread: Reserve Accounts and PSTIS
The attacks on C&M and Sinqia shared a common element: targeting the reserve accounts of financial institutions that utilized services from Information Technology Services (PSTIS). These reserve accounts, held at the Central Bank of Brazil, are essential for settling interbank operations, including Pix, TED, and boleto payments.
The PSTIS connection suggests a potential systemic vulnerability. If a weakness exists within PSTIS’s security infrastructure, multiple financial institutions could be at risk. The Central Bank is likely investigating whether the attacks exploited a flaw within PSTIS’s systems or if the attackers independently identified vulnerabilities in each institution’s setup.
