More Zimbabwean bank websites hacked. MBCA, Tetrad and others

Posted by

MBCA BankMetropolitan Bank, the hacking of whose website we reported here two days ago, were not the only local financial institution to suffer at the hands of site defacers in the past couple of weeks. We have confirmed this week that Tetrad Holdings and MBCA Bank also had their websites defaced. Unlike Metbank though, the two banks have since had their websites restored.

The Tetrad websites was defaced around the same time the Metbank websites was hit (Sunday, 20 January) and was indeed hacked by the same group of hackers who call themselves “Qifwhysoserious”. The MBCA website however was defaced by a different group of hackers some about a month and half ago.

tetrad-logoA source we spoke to at Tetrad Holdings confirmed the incident had happened and explained that they fixed the security vulnerabilities in the content management system and restored the website within a day. The source also told us that apart from the defacement, no other damage was done.

An MBCA Bank spokesperson we communicated with, Dedrey Mutimutema, also confirmed the defacement of the company’s website and also pointed out that the defacement of the website was inconsequential as the website is not linked to the Bank systems or servers. “We nonetheless requested our agent to add more security features, which they did, and the website is now online,” she explained.

Another local bank, FBC Holdings, it appears also suffered some kind of security compromise on their website in recent weeks. Googling “FBC Bank” currently gives off a warning (shown below) that the website may be compromised.

advertisement

fbc-bank-web-compromised

We got in touch with officials at the bank and they advised us through their web development company that their website had not been compromised and that they had requested Google to remove the warning. Google explains in its support pages that it shows the warning message “for search results that we believe may have been hacked or otherwise compromised” to protect the safety of its users. Google goes on to explain that the hacking “typically means that a third party has taken control of the site without the owner’s permission.”

To be clear, we do not think the hackers are specifically targeting the financial institutions. It’s just that unlike other companies whose websites that have been hacked in the past several months, the security of such institutions should be well above the average CMS vulnerability hack job that these attacks have in common. One commenter, after reading Metbank hacking story, suggested:

Big companies (e.g. Banks) that can afford it should rather buy their own Virtual Private Server at a hosting company and implement more security rather than using shared hosting, but even more importantly they should have a maintenance contract with their developer to keep their site patched and secure.

We’d only add that financial institutions especially should contract competent developers too. Even though it’s technically accurate, explaining that your website and your banking (and online banking) website are two separate systems is not enough anymore. Fact that someone entered and defaced your internet property doesn’t instill any confidence at all in the security of your technical products like internet and mobile banking.

5 Comments

  1. tinm@n says:

    An MBCA Bank spokesperson we communicated with, Dedrey Mutimutema, also
    confirmed the defacement of the company’s website and also pointed out
    that the defacement of the website was inconsequential as the website is
    not linked to the Bank systems or servers.“We nonetheless requested our agent to add more security features,
    which they did, and the website is now online,” she explained.

    That response tells you why banks, and many other companies dont panic that much when their websites are hacked. It is “inconsequential”. It is an issue for their Marketing/Communications Department, not a threat to business applications or systems or company data. So “…ya, eish..we got hacked. Don’t worry, we’ll sort it out.”

  2. david says:

    can some tell me who is hosting most of these hacked sites?

  3. Concerned Banker says:

    This hacking is just a testimony of poor IT security in the Zimbabwe banks. I guess their IT Directors are just slumbering enjoying the perks they have. I would not be comfortable using internet banking for a bank which is failing to host a secure website.

  4. ckombo says:

    What, if anything, do the people who developed the site/s have to say?

Leave a Reply

Your email address will not be published.

css.php