There may be a serious conflict between Qatar and the UAE (United Arab Emirates), but hackers see no difference, for them, it is all about making easy money. Today, one of’s researchers found out that around three Dark Web vendors are selling data belonging to customers from UAE InvestBank and Qatar National Bank.


It must be noted that both banks were hacked in 2016 and it is only now that their data is being sold on the Dark Web. To be precise, the UAE InvestBank was in May 2016 while Qatar National Bank (QNB) suffered a data breach in April 2016.

必须指出的是,两家银行在2016年遭到黑客入侵,现在只有他们的数据在暗网上销售。准确地说,阿联酋投资银行是在2016年5月,而卡塔尔国家银行 (QNB) 在2016年4月遭受了数据泄露

UAE InvestBank


In the Sharjah-based InvestBank’s case, a hacker leaked a 10GB file containing personal and financial details of customers and clients including thousands of records showing full names of account holders, addresses, passport numbers, phone numbers, account numbers, credit card numbers along with their CVV codes and other highly confidential data.


Screenshot from the data leaked by Buba in 2016

The data was stolen by a hacker calling himself “Hacker Buba.” He also demanded $3 million in ransom. However, the bank refused to pay the ransom after which the data was leaked on the Internet using Google Drive.


Screenshot from the leaked InvestBank files

Currently, the UAE InvestBank’s data is being sold on a popular Dark Web marketplace for only USD 22.80 (BTC 0.0071).

目前,阿联酋InvestBank的数据仅在22.80美元(BTC 0.0071)之间,在受欢迎的暗网上市场上销售。

The data according to the sample data provided by the vendor includes bank accounts, bank beneficiaries, bank cards, bank customers, customer ids, branch codes, bank cards and full names of account holders.


Sample data uploaded by the vendor

Qatar National Bank


The Qatar National Bank also suffered a massive data breach in which 1.4GB of data from the database containing personal data of its customers was leaked. The dump included hundreds of thousands of financial records including credit card numbers and their PIN codes and customer transaction logs. Moreover, the hackers also claimed to leak banking details of the Al-Thani Qatar Royal Family and Al Jazeera journalists.


One of the leaked folders among the leaked data was labeled as “SPY” catching the eyes of anyone who had access to the leaked data. Upon scanning, it was found that there were financial details of what appears to be UK’s intelligence service MI6, Qatari Ministry of Defence and Qatar State Security Bureau “Mukhabarat.


Qatar National Bank acknowledged the breach after hackers released an inside videoshowing how they hacked bank’s servers. However, now the data is being sold on the Dark Web for  USD 22.80 (BTC 0.0071).

卡塔尔国家银行 在黑客发布内部视频后 表示如何侵入银行服务器,承认违约。然而,现在的数据正在黑莓网上卖出22.80美元(BTC 0.0071)。

Screenshot from the listing where data is being sold

The sample data shows that the leaked records contain bank accounts, bank beneficiaries, bank cards and personal details of its customers.


Sample data uploaded by the vendor

This incident is similar to the LinkedIn (hacked in 2012), DropBox (hacked in 2012), and MySpace (hacked in 2013) who did a lot of damage to the users since they were using the same old passwords. However, in the case of these two banks, it is unclear whether the banks issued new credit cards to thousands of customers who were affected by these breaches.

这个事件类似于 LinkedIn (2012年被黑客入侵), DropBox (2012年被黑客入侵)和 MySpace  (在2013年被黑客入侵),由于使用相同的旧密码,对用户造成了很大的伤害。不过,就这两家银行而言,目前尚不清楚银行是否向数以千计的受到这些违规行为影响的客户发放了新的信用卡。

Therefore, customers are urged to keep an eye on their banking card transactions and contact their respective banks in case of any suspicious activity.



Please enter your comment!
Please enter your name here

15 + 9 =