In mid-2025, Brazil’s Payment System (SPB) suffered one of the most severe cyber incidents in its history, triggered by the compromise of a critical technology service provider supporting hundreds of banks and fintechs. A single insider, armed with privileged access and institutional certificates, enabled attackers to inject technically valid payment transactions directly into the national instant payment infrastructure.

This talk presents a deep, investigation-driven analysis of the incident, breaking down how the attack unfolded, why existing controls failed, and how the abuse of trusted credentials led to systemic financial impact. Attendees will gain insight into insider-enabled attacks, supply chain risk, and the security implications of automated settlement systems where “valid” does not always mean “legitimate.”

Outline (Investigation & Systemic Risk Focused)

Incident Overview
What happened in Brazil’s Payment System in 2025.
Why this incident was different from traditional financial fraud.

Understanding the Trust Chain
The role of PSTIs in the Brazilian financial ecosystem.
How trust relationships became the attack surface.

Attack Flow Breakdown
Insider compromise and privileged access abuse.
Misuse of digital certificates and institutional credentials.
Injection of fraudulent transactions into SPI/SPB.

Why the Transactions Were “Valid”
How cryptographic trust and automation enabled the attack.
Limitations of traditional fraud and anomaly detection.

Detection, Response, and Containment
How exchanges and institutions detected abnormal behavior.
Central Bank intervention and systemic shutdown.
Recovery efforts and ongoing investigation.

Key Security Failures
Privileged access without behavioral monitoring.
Poor segregation of secrets and certificates.
Supply chain blind spots in critical infrastructure.

Lessons Learned
Why insider threats remain one of the hardest risks to manage.
The danger of over-trusting “technically valid” operations.
What this incident teaches about modern financial cyber risk.

Closing Takeaways
Practical insights for financial institutions, regulators, and service providers.