a reply to:
infolurker
Hello! Greeting from Brazil, the land of the JBS. Let me tell you people. Here, JBS (or J&F Holding) has the bigest marketshare in meat, thanks to
BNDES. Then, they proceed to take America, land of the free lol. But J&F is playing with more than meat. Here, they have 2 fintechs, Banco Original
(fintech dressed as bank) and PicPay (pay attention to that name)an app for payment, cellphone credit and you can transfer money from people to people
without any takes (inmates love it lol)
So, today my ex wake up calling me and telling me to take all of my money out of PicPay because someone hacked her account and wipe out 15k from her
account. Looking on teh net, I found other similar cases happen. This isn't a 10 bucks hack, they only target the people with money. Then you ask me,
why would someone trust their hard earn money on a Fintech (here the regulations for fintechs are different from banks, scammers love having an
account you can transfer money without ANY document verification )and have free money transfer to any REAL account using the PIX system (research, too
long for americans understand that system)
So, the hacker stole more than 50k JUST TODAY, in a pattern that is repeating since 8 days ago, wiping out the money from account that use ANY system
(android or iOS) and EVEN those people that use biometry instead of a password you type
The digital system of fintechs is entirely compromised. And you wont see it in any journal. look up for reclameaqui (a site to make complains on
corps) and PicPay.
On our case it was used a PIX key (can be your ID, your cell number, email or ISS) that has an email with a name that i cant find anywhere (obvious).
The email is
[email protected]. The only Spectrum i found references is an IT company with a spy face (from my predictions, maybe the hacker
is ironic)) The bank account that receive the stolen money was Nubank (poorly secured, every month someone clone their cards). And the name of the
robber was Igor Pereira Magalhães. The only reference of that name is a minor who lives in the middle of nowhere and clearly without any skills for
that. But... I still have a flag up with that boy. Im waiting for the others names of scammers to pop up and cross that.
But, the most strange thing is: How can they know who to hack, any cell system, change the first password (that gives acess to the app) and change the
second password (for transactions), even with people that use biometry as passwords. They are supposed to have the biometry of the person. How the
f... did they bypass it? Even with iOS that is so "secure". People from dfferent states where hacked. Some people lost 27k.
But wait theres more. The picpay app is a e-wallet, so you can store and put your credit card data there to shop. They are putting cloned or stolen
credit cards in hacked accounts, some even with cards taken in the name of person that had the account hacked and wiping out eveything.
How they didnt block ANY tranfers higher than 5k after midnight? Yesterday was holiday, maybe the sec team extended the holiday?
The J&F are the holding, but the "paper holder" are some little enterprise from... CAYMAN ISLANDS.
They lure people with high cashback and stakes that pay 3x more than a stable bank. I guess it works. But WHY they dont take any measures to counter
the thieves? Because they dont give an F.