Even as animosity worsens between Qatar and its much more powerful former ally the United Arab Emirates, the repercussions of two cyber attacks on banks from both countries are only beginning to emerge.
The alleged perpetrators of two cyber attacks that hit the Qatar National Bank and UAE’s InvestBank have now availed massive caches of stolen data on the dark web.
The data breaches, which occurred shortly one after the other in 2016, resulted in the theft of massive caches of the banks’ customer data containing sensitive information such as full credit card numbers with their corresponding CVV codes, addresses, full names, passport numbers and other highly personal details.
According to a HackRead security researcher, both caches of data from the two cybercriminal entities are available on a popular darknet marketplace which remains unnamed at this point.
Qatar’s Hack Crises
Only recently, Qatar’s premier media outlet Al Jazeera suffered a highly controversial cyber attack that caused massive uproar within the Gulf States, creating rifts between the small state and its former Middle Eastern allies.
Coincidentally, the April 2016 attack on Qatar National Bank resulted in the theft of bank data belonging to journalists from the unfortunate news station.
Approximately 1.4GB of files from the QNB hack is now available for sale on the dark web.
In addition to the journalists’ bank details; it allegedly contains financial records belonging to the bank’s customers in the hundreds of thousands, including leaked bank details of Qatar’s Royal Family, the Al Thani.
Al Jazeera’s consequent report on this dark web data breach revealed that the leaked bank details were in fact very accurate.
Interestingly, the cache of files listed on the darknet also contains a folder labeled “SPY,” which is said to contain bank details belonging to officials from the Qatari Ministry of Defense, the Qatar State Security Bureau known as Mukhabarat, and a number of files on agents from the MI6.
All of this is now up for sale on the dark web for a meager $22.80 (0.0071BTC).
“Buba” Leverages Stolen Data for Ransom
Initially, the hacker behind UAE’s InvestBank data breach was looking for a $3 million ransom but after a lack of cooperation from the bank, they decided to cash in by posting the stolen information on the dark web.
The file listed for sale on the darknet is approximately 10GB in size and also purportedly contains very detailed financial information belonging to the bank’s clients.
The hacker known as Buba leaked the data on the dark web using Google Drive, following the bank’s refusal to pay up the massive ransom.
Sample data taken from the dark web data dump revealed that it also contained details about the bank’s beneficiaries, branch codes, detailed information from hundreds of thousands of account holders, customer IDs, among other things.
Like the QNB data dump, Buba has placed a $22.80 (0.0071BTC) price tag on this information, indicating that both hackers/hacking outfits are related in one way or another.
Banks Yet to Issue Warnings
It is yet to be confirmed whether the affected banks have taken measures to prevent any further repercussions following the uploading of the stolen information on the dark web.
The two cyber-attacks are reminiscent of the infamous DropBox and MySpace hacks in which the attackers inflicted maximum damage on users who set up similar passwords for other accounts.
Although it is highly unlikely that the banks will renew the credit cards belonging to hundreds of thousands of customers affected by the dark web data dump, there has been little fanfare over the developments following the incidences.
Customers have however been advised to monitor their accounts and report any suspicious bank activity as soon as they notice it.
Latest posts by Richard (see all)
- Tor Project Discontinues Supporting Tor Messenger - April 19, 2018
- VPN Browser Extensions for Chrome Leak Users’ DNS - April 19, 2018
- Backpage Seized by Feds, Founders Facing Criminal Charges - April 14, 2018