Hacker Buba is asking UAE bank for $3 million ransom

A criminal named Hacker Buba after asking UAE bank for $3 million ransom started leaking customer data online.

Last week a hacker, who named itself as ‘Hacker Buba,’ breached a United Arab Emirates Bank, then he start tweeting customers’ information announcing the disclosure of tens of thousands of customer files online if a $3 million ransom will not be paid.

Hacker Buba tweeted information, mostly belonging to corporate accounts at the Invest Bank. He requested the payment of a $3 million ransom in Bitcoin to stop leaking the sensitive information.

It appears that the hacked bank has no intention to pay the full ransom.

Hacker Buba initially tweeted from accounts like @investbank_2, that were promptly suspended by Twitter, but it was not enough to stop the hacker who late Tuesday started to spread the same message from nearly 50 Twitter accounts.  The Twitter message included the name Invest Bank and a link to a site, managed by the Hacker Buba, which host six zip files containing the bank data.

The website used by the hacker to leak the archives belong to an eastern European basketball team, and Hacker Buba compromised it.

According to the Daily Dot, the data leaked by Hacker Buba appears to be real, one of the archive analyzed by the news agency contained financial information of the bank customers.

“One database analyzed by the Daily Dot includes the sensitive information of around 40,000 customers, including their full names, credit card numbers, and birthdays. One account contained 4,7174,962.38 dirham, or $12,844,589.77. Those accounts’ total earnings add up to $110,736,002. Other databases show information for other customers, and include detailed transaction histories.” states the blog post published by the Daily Dot.

This morning the Invest Bank Assistant Manager for General Operations Qasim Kazmi sent an email to the Daily Dot confirming that the financial institute will not pay the ransom

“No we have not paid nor do we intend to or negotiate with blackmailers.”

At the same time, the website hacked by Buba seems to have been restored by the legitimate owners.

Pierluigi Paganini

(Security Affairs – law enforcement , Silk Road)