There may be a serious conflict between Qatar and the UAE (United Arab Emirates), but hackers see no difference, for them, it is all about making easy money. Today, one of HackRead.com’s researchers found out that around three Dark Web vendors are selling data belonging to customers from UAE InvestBank and Qatar National Bank.

卡塔尔与阿联酋(阿拉伯联合酋长国)可能存在严重的冲突,但是黑客看不出什么区别,对他们来说,这一切都是为了赚钱。今天,HackRead.com的一名研究人员发现,大约三家暗网供应商正在出售属于阿联酋InvestBank和卡塔尔国家银行客户的数据。

It must be noted that both banks were hacked in 2016 and it is only now that their data is being sold on the Dark Web. To be precise, the UAE InvestBank was in May 2016 while Qatar National Bank (QNB) suffered a data breach in April 2016.

必须指出的是,两家银行在2016年遭到黑客入侵,现在只有他们的数据在暗网上销售。准确地说,阿联酋投资银行是在2016年5月,而卡塔尔国家银行 (QNB) 在2016年4月遭受了数据泄露

UAE InvestBank

阿联酋投资银行

In the Sharjah-based InvestBank’s case, a hacker leaked a 10GB file containing personal and financial details of customers and clients including thousands of records showing full names of account holders, addresses, passport numbers, phone numbers, account numbers, credit card numbers along with their CVV codes and other highly confidential data.

在基于沙迦的InvestBank的案例中,一名黑客泄漏了10GB的文件,其中包含客户和客户的个人和财务细节,包括成千上万个记录,显示帐户持有人姓名,地址,护照号码,电话号码,帐号,信用卡号码以及他们的CVV代码和其他高度机密的数据。

Screenshot from the data leaked by Buba in 2016

The data was stolen by a hacker calling himself “Hacker Buba.” He also demanded $3 million in ransom. However, the bank refused to pay the ransom after which the data was leaked on the Internet using Google Drive.

数据被黑客窃取,称自己是“黑客布巴”,他还要求300万美元的赎金。不过,银行拒绝支付赎金,之后使用Google云端硬盘在互联网上泄漏数据。

Screenshot from the leaked InvestBank files

Currently, the UAE InvestBank’s data is being sold on a popular Dark Web marketplace for only USD 22.80 (BTC 0.0071).

目前,阿联酋InvestBank的数据仅在22.80美元(BTC 0.0071)之间,在受欢迎的暗网上市场上销售。

https://hansamkt2rr6nfg3.onion.link/listing/100247/

The data according to the sample data provided by the vendor includes bank accounts, bank beneficiaries, bank cards, bank customers, customer ids, branch codes, bank cards and full names of account holders.

根据供应商提供的样品数据,数据包括银行账户,银行受益人,银行卡,银行客户,客户编号,分行代码,银行卡和账户持有人的全名。

Sample data uploaded by the vendor

Qatar National Bank

卡塔尔国家银行

The Qatar National Bank also suffered a massive data breach in which 1.4GB of data from the database containing personal data of its customers was leaked. The dump included hundreds of thousands of financial records including credit card numbers and their PIN codes and customer transaction logs. Moreover, the hackers also claimed to leak banking details of the Al-Thani Qatar Royal Family and Al Jazeera journalists.

卡塔尔国家银行也遭受了巨大的数据泄露,其中包含客户个人资料的数据库中的1.4GB数据泄漏。转储包含成千上万的财务记录,包括信用卡号码及其PIN码和客户交易记录。此外,黑客还声称泄漏了卡塔尔鞑靼皇家和半岛记者的银行细节。

One of the leaked folders among the leaked data was labeled as “SPY” catching the eyes of anyone who had access to the leaked data. Upon scanning, it was found that there were financial details of what appears to be UK’s intelligence service MI6, Qatari Ministry of Defence and Qatar State Security Bureau “Mukhabarat.

泄露的数据中泄露的文件夹之一被标记为“SPY”,捕获任何可以访问泄漏数据的人的眼睛。扫描后发现有英国情报机构MI6,卡塔尔国防部和卡塔尔国家安全局“穆哈巴拉特邦”的财务细节。

Qatar National Bank acknowledged the breach after hackers released an inside videoshowing how they hacked bank’s servers. However, now the data is being sold on the Dark Web for  USD 22.80 (BTC 0.0071).

卡塔尔国家银行 在黑客发布内部视频后 表示如何侵入银行服务器,承认违约。然而,现在的数据正在黑莓网上卖出22.80美元(BTC 0.0071)。

Screenshot from the listing where data is being sold

https://hansamkt2rr6nfg3.onion.link/listing/100243/

The sample data shows that the leaked records contain bank accounts, bank beneficiaries, bank cards and personal details of its customers.

样本数据显示,泄露的记录包含银行账户,银行受益人,银行卡和客户的个人信息。

Sample data uploaded by the vendor

This incident is similar to the LinkedIn (hacked in 2012), DropBox (hacked in 2012), and MySpace (hacked in 2013) who did a lot of damage to the users since they were using the same old passwords. However, in the case of these two banks, it is unclear whether the banks issued new credit cards to thousands of customers who were affected by these breaches.

这个事件类似于 LinkedIn (2012年被黑客入侵), DropBox (2012年被黑客入侵)和 MySpace  (在2013年被黑客入侵),由于使用相同的旧密码,对用户造成了很大的伤害。不过,就这两家银行而言,目前尚不清楚银行是否向数以千计的受到这些违规行为影响的客户发放了新的信用卡。

Therefore, customers are urged to keep an eye on their banking card transactions and contact their respective banks in case of any suspicious activity.

因此,如有任何可疑活动,请客户留意银行卡交易,并联络各自的银行。

LEAVE A REPLY

Please enter your comment!
Please enter your name here

15 + 9 =