Threat Management

‘Hacker Buba’ holds UAE bank to ransom


An Emirates bank was held to ransom last week by an as-yet unidentified hacker. The Sharjah Bank, an Islamic bank in the emirate of Sharjah, was blackmailed over Twitter on 18 November. 

The hacker, calling himself 'Hacker Buba', threatened to release the account information of the bank's more private customers including corporate officers and government officials.

In return for his electronic silence, Hacker Buba demanded nearly 8,500 bitcoins or £2 million by the weekend, beginning on the 21st of the month.

Banks are being increasingly targeted as hackers become more sophisticated in their attack methods and banks race to make their systems ever more connected. 

The culprit Twitter account @hacked_invest has since been suspended, but from 18 November he had been offering to “Sell private ‪#‎sql‬ from ‪#‎database‬” including clients, credit card details and all their financial info, totalling 900 gigabytes of information.

By Monday 23 November, Hacker Buba had apparently not received the ransom money and he began tweeting. Although his Twitter account had been suspended, Buba quickly made a new one and went about tweeting the account statements of 500 of Sharjah Bank's customers.

According to Gulf News, a regional news outlet, Hacker Buba had also sent warning SMS and emails to a number of Sharjah Bank customers saying that their accounts were under his control and they too, would have to pay up in order to regain control of them. 

In an interesting twist, the Gulf News reporter who originally found the story was contacted by Hacker Buba and offered 5 percent of Hacker Buba's proceeds should he cooperate with the cyber-criminal. It's not clear how the journalist would have assisted the hacker. 

The bank's CFOO spoke to news outlet XPRESS, admitting that the bank had been blackmailed: “Yes, there was a data breach and we have been contacted by Hacker Buba. He is asking for money but I cannot reveal how much. This is blackmail. We have reported the matter to UAE Central Bank. The Telecom Regulatory Authority's Computer Emergency Response Team is investigating.”

The spokesman downplayed the breach. “We won't give in to any extortion threat. In any case there has been no financial loss. All that this man has is some customer information and he's trying to use it as a bargaining chip," he said. 

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.