João Nazareno Roque worked at C&M Software and said he had given access to hackers; Defense claims that he was used as a “puppet”
The man suspected of collaborating with the hacker attack against the company on the 3rd (1st.Jul.2025) said he would have received $ 15,000 as payment to facilitate the invasion of the system. João Nazareno Roque, 48, by on Thursday (3.Jul).
In a video testimonial obtained by “”, from TV GloboRoque, who worked as a technology operator for C&M, told police at prison that hackers knew where he worked and 1 of them approached him in a bar.
Roque reported that he only communicated with criminals for cell phone, and that he exchanged device every 15 days to be tracked. He said he had received $ 5,000 at the beginning and then another $ 10,000 in cash.
Roque’s defense argues that he was deceived. The suspect’s lawyer, Jonas Reis, told the “fantastic” that the man “served as a puppet ” e “I didn’t know about this multimillionaire coup ”.
According to the report, with the help of the employee, hackers started access to the reserve accounts of different banking institutions. These accounts are part of a BC requirement for all financial institutions, are only used for banks’ transactions and have nothing to do with customer accounts.
During the attack, the company’s computers processed hundreds of bank transfer. There is still no confirmation about the total of the diverted money, which was estimated by experts heard by the “fantastic” at $ 800 million. This was the largest to a financial system ever registered in the country
C&M provides service to financial institutions, has direct access to (Central Bank) systems and acts by integrating financial institutions to the Pix. The company was approved by the BC for this function in 2001 and continues to meet this function until then. Currently 8 other companies are also approved in the country.
In a statement released on Wednesday (2.Jul), the BC stated that “determined the disconnection of the institutions’ access to the infrastructures operated by itAnd that the attack “did not harm customers”.
On Thursday (3.Jul), the company said that, in the attack, it was the credentials of a customer of the service provider “as if it were an authorized financial institutionAnd that the BC authorized the “controlled resumptionPix. The hacker attack didn’t impact any.
