SAN FRANCISCO — Security researchers have uncovered what they believe is a significant cybercrime operation in Brazil that took aim at $3.75 billion in transactions by Brazilians.

It is unclear what percentage of the $3.75 billion worth of compromised transactions was actually stolen. But if even half of that value was redirected to criminals, the scope of the swindle would eclipse any other previous electronic theft.

The thieves preyed on Boleto Bancário, or Boletos, a popular Brazilian payment method that can be issued online and paid through various channels like banks and supermarkets, said researchers at the RSA Security division of the EMC Corporation.

Researchers said the ring had been using what they called bolware — a play on Boletos and malware, a term for software intended for illegitimate purposes — to intercept legitimate Boletos payments and redirect them to the accounts of criminals or mules, who are people paid to stand in for the criminals.