Why Zimbabwean websites are increasingly getting hacked (list of hacked sites)

advertisement

Hacked AgainIn recent months, each time we’ve posted an article about a high profile website being hacked – such as the story about Fingaz today – what follows is a number of tweets, emails and phone calls with readers basically ask: What’s going on? Why has the hacking increased so much? Why are Zim websites being targeted?

We attempt to answer these questions in this article. You can also add your views, thoughts and questions about the situation in the comments below.

No, no one’s maliciously targeting Zimbabwe

No, no one is targeting Zimbabwean companies and websites. We have observed that all of them so far are random defacement. This is why for example you will find that the same hackers that hit the ZOL and Fingaz websites also hit hundreds of other unrelated websites globally with the same defacement message around the same time.

Specially targeted attacks are more brutal than these random hits. A good example is “Operation Avenge Assange”, an attack on PayPal and other websites which was executed by the “Anonymous” hacking group to avenge attempts by some governments and global companies to cripple Wikileaks funding. More here: Operation_Payback#Operation_Avenge_Assange.

No, the rate of hacking has not increased at all

What we see increasing is the number of new Zimbabwean websites. Which is really great we should add, all thanks to free open source tools that make anyone who can use the internet a creator of content able to start their own website. More websites however means more of them can be hacked but that doesn’t mean at all that the rate of hacking has increased.

The hacking is just reported more than before

Website hacking and defacement is not a new phenomenon. It’s been happening to websites locally and globally since the internet came to be and some actually suggest the unscrupulous practice has seen a decrease in recent years. Lately however in Zimbabwe’s case, blogs like us report these cases more. In the past, such issues would just go unreported.

Just to underscore that point, we’ve inserted at the bottom of this article a list of the websites of some known Zim brands (the .co.zw ones at least) that have been hacked since 2001, the majority of which were never reported in the news.

Why do hackers hack websites?

For numerous reasons; some do it purely for fun, some to tests their newly acquired knowledge about computer security, some as a form of Hacktivism to protest political decisions or military conflicts, some out of revenge or to discredit a brand/individual and some just to prove a website is hackable.

How can you protect yourself?

We have an article here on Techzim published several months ago, which goes into how you can best protect yourself. The advice there still applies. But basically our advice is that if you don’t have the skills to keep your web properties secure (and if you can’t be bothered learning how), then please consult people who have a proven track record in securing internet properties.

If you still have any questions about website hacking and defacement, please enter them in the comments section below, and we (& other readers) will do our best to answer you.

List of some defaced websites since 2001
Please note that we’ve listed just 76 defaced websites out of over 1,000 websites archived on Zone-H.org. Also keep in mind that it’s just the .co.zw domains listed – a lot of Zimbabwean companies have .com domains because of the difficulties of registering a local domain. Lastly, note that Zone-H itself relies on submissions by people (mostly the hackers themselves we’re guessing), which means hacks not submitted to the archive are not listed.

Website addressCompanyDefaced Date
www.classifieds.co.zwZimbabwe Classifieds

29-Apr-2001

www.cbz.co.zwCBZ Holdings

29-Apr-2001

www.netone.co.zwNetOne

2-Jul-2001

www.rbz.co.zwReserve Bank of Zimbabwe

13-Aug-2002

www.nokia.co.zwNokia Zimbabwe

24-Sep-2002

www.metbank.co.zwMetropolitan Bank

2-Nov-2002

www.dairibord.co.zwDairiboard Zimbabwe

2-Nov-2002

www.sage.co.zwSage Pastel Zimbabwe

2-May-2005

www.iobz.co.zwIOBZ

2-May-2005

www.mukonitronics.co.zwMukonitronics

2-May-2005

www.pastel.co.zwPastel Zimbabwe

2-May-2005

www.doves.co.zwDoves

2-May-2005

www.fabs.co.zwFABS

2-May-2005

www.csc.co.zwCSC

2-May-2005

www.venekera.co.zwVenekera

2-May-2005

www.zabg.co.zwZABG Bank

2-May-2005

www.chips.co.zwChips Computing

2-May-2005

www.chronicle.co.zwChronicle

2-May-2005

www.clan.co.zwClan

2-May-2005

www.toyota.co.zw Toyota Zimbabwe

2-May-2005

www.afrosoft.co.zw Afrosoft

2-May-2005

www.zol.co.zwZimbabwe Online

24-Jul-2005

www.renaissance.co.zwRenaissance

10-Feb-2006

www.mdczimbabwe.co.zwMDC

19-Apr-2006

www.kingdom.co.zwAfrasia Kingdom Bank

16-Sep-2006

www.hifa.co.zwHarare International Festival of Arts

6-Feb-2007

www.truworths.co.zwTruworths

5-Jul-2007

www.dawnproperties.co.zwDawn Properties

28-Jul-2007

www.posb.co.zwPOSB

28-Jul-2007

www.jaggers.co.zw Jaggers

28-Jul-2007

www.idbz.co.zwInfrastructure Development Bank of Zimbabwe

28-Jul-2007

www.nmbz.co.zwNMB Bank Limited

18-Aug-2007

www.genesisbank.co.zwGenesis Bank

30-Nov-2007

www.highlandersfc.co.zwHighlanders FC

28-Apr-2008

www.agrifoods.co.zwAgriFoods

27-May-2008

www.telco.co.zwTelecontract

27-May-2008

www.celsys.co.zwCelsys

9-Sep-2008

www.nationalgallery.co.zwNational Gallery of Zimbabwe

9-Sep-2008

www.mars.co.zwMARS Zimbabwe

3-Oct-2008

www.kia.co.zwKIA Motors

3-Oct-2008

www.supreme.zabg.co.zw ZABG Bank

24-Sep-2009

www.sage.co.zwSage Pastel Zimbabwe

24-Sep-2009

www.europcar.co.zwEuropcar Zimbabwe

24-Sep-2009

www.rooneys.co.zwRooney’s

24-Sep-2009

www.techzim.co.zw Techzim

13-May-2010

www.kia.co.zwKIA Motors

14-Jun-2010

www.microman.co.zwMicroman

14-Jun-2010

www.stuttafords.co.zwStuttafords

14-Jun-2010

www.zimrights.co.zwZimrights

15-Jul-2010

www.eatout.co.zwEatOut Zimbabwe

6-Oct-2010

iran.iranembassy.co.zwIran Embassy

4-Jan-2011

www.zse.co.zw Zimbabwe Stock Exchange

13-Mar-2011

www.belina.co.zwBelina Payroll

12-Apr-2011

www.nicozdiamond.co.zwNicoz Diamond Insurance

16-Apr-2011

www.cloverleaf.co.zwClover Leaf Motors Group

11-Sep-2011

www.rminsurance.co.zw RM Insurance Company

13-Sep-2011

www.brontehotel.co.zw   Bronte Hotel

27-Jan-2012

www.safeguard.co.zw  Safeguard

27-Jan-2012

www.eset.co.zw ESET Zimbabwe

15-Mar-2012

www.zinwa.co.zwZimbabwe National Water Authority

22-Mar-2012

www.proplastics.co.zwPro Plastics

30-Mar-2012

www.kingstons.co.zwKingstons Holdings

30-Mar-2012

www.dailynews.co.zwDaily News

1-Jul-2012

www.mazda.co.zwWillovale Mazda motor Industries

9-Jul-2012

web.telecel.co.zw Telecel Zimbabwe

19-Nov-2012

www.zinara.co.zwZinara

22-Nov-2012

www.greenfuel.co.zwGreen Fuel

6-Dec-2012

www.nicozdiamond.co.zw Nicoz Diamond Insurance

10-Dec-2012

www.cabs.co.zw CABS

16-Dec-2012

www.delta.co.zwDelta Corporation

23-Dec-2012

www.uz-ucsf.co.zwUniversity of Zimbabwe-University of California San Francisco (UZ-UCSF) Collaborative Research Programme

23-Dec-2012

www.herzimbabwe.co.zwHer Zimbabwe

24-Dec-2012

www.zol.co.zwZimbabwe Online

28-Dec-2012

www.zimnatlife.co.zwZimnat Life Assurance

31-Dec-2012

www.bennysburgers.co.zwBenny’s Burgers

3-Jan-2013

www.firstel.co.zw FirstTel

4-Jan-2013

advertisement
  • Digger

    You are very wrong to think that hackers are not targeting Zimbabwean companies and websites. If you worked for ISPs, seen what they have to deal on daily basis with you will understand

  • http://twitter.com/iamrobasta Robert Dondo

    mmmmm, i still think most of these hacks are automated. this “Hackeado por HighTech Brazil HackTeam” (google it) team has defaced ‘hundreds’ of seemingly random sites this past week. hardly seems like they were targeting anyone is specific, most likely, they are scanning (using some bot) for sites with a specific vulnerability and then exploiting it.

  • http://www.facebook.com/tvmashava Tawanda Victor Mashava

    Hackers are targeting Zimbabwean sites, but they are not SPECIFICALLY targeting Zim sites, its part of a large scale hacking systems that doesnt necesarily target Zim sites only, the practice is not exclusive to Zim

  • http://www.techzim.co.zw L.S.M. Kabweza

    http://www.zone-h.org/archive has a list of the most recent defaced websites.
    The list of 100 most recently defaced websites today doesn’t even have a Zimbabwean website in it. it’s
    36 United States
    9 Germany
    9 Poland
    9 Netherlands
    7 Hungary
    5 Malaysia
    3 Finland
    3 Indonesia
    2 Greece
    2 Denmark
    2 Canada
    2 UK

    1 Cuba
    and so on…

  • http://destinationkilotango.wordpress.com/ kthaker

    i dont think http://www.classifieds.co.zw was even in existance in 2001?

    in most cases, hacked/defaced websites are just a front for what actually happens in the background of the server itself. you will find scripts that mass mail, scripts that DDOS other websites and server IP’s, as well as scripts that are used to hack other sites.

  • http://www.techzim.co.zw L.S.M. Kabweza

    According to this archive it existed: http://www.zone-h.org/mirror/id/12326

    But maybe they got the dates mixed up or something

  • tinm@n

    OMW Delta website runs client-side Java?!!

    (gag)

    Nice article, by the way

  • http://twitter.com/oscarmanduku oscar.habeenzu

    Hats off sir. If they don’t take heed to your counsel or critic ignore them and leave them like that. You laid it plain and simple. Take it or leave it, if you are hacked, “indaba zako wena”.

  • Nerudo

    What websites havent been hacked :-)

  • http://destinationkilotango.wordpress.com/ kthaker

    yeah, i reckon the dates arent correct. or someone had been using that domain name before the current classifieds site… zone-h is an interesting website in any case :)

  • chirau

    I’ll give a dollar to any zimbo who can do anything with mine.

  • tinm@n

    Give us the website!…. Give us! (jumping up and down)

  • Antony Masocha

    The other thing is Zimabwean comapnies’s inability to tell a real developer from none if u check these websites they will probably end up going back to one ot 2 developers someone correct me

  • Antony Masocha

    A lot of people are masquerading as developers when they are not its simple lack of knowledge.How can u think someone will develop a site for 30usd and how many pple are getting those sites or even 200usd for that matter daylight robbery of the unsuspecting client

  • http://www.techzim.co.zw L.S.M. Kabweza

    :)

  • http://twitter.com/AstroSwatiri Big M!

    UZ website is down as well

  • http://twitter.com/AstroSwatiri Big M!

    whats ya web adress son?

  • chirau

    Lol. You guys are funny. I was joking. I don’t own a live site currently. I will be sure to give it to you for testing purposes. I will hold my promise though, a reward for anyone who can.

    On a seperate note, why can’t I post a comment (my own, not a response) on this site? @kabweza, am I blocked?

  • http://www.techzim.co.zw L.S.M. Kabweza

    thanks for the notification. Comments were caught up in anti-spam queue. just released them.

  • http://www.techzim.co.zw L.S.M. Kabweza

    yeah, that hack was specifically targeted the Herald.

  • tinma@n

    That just killed the excitement. The reward of bringing down something that is claimed to be secure on invitation is certainly worth more than the dollar… ah well…carry on… i’ll hack my own

  • http://www.tawanike.com Tawanda Abraham Makunike

    This is the most honest response. Yes sites have been hacked and stuff but the truth is Zim sites are being targeted.

  • Lon

    Soul;

    Great article and insight about the trend of the hacking in Zim.However, I beg to differ on this point you raised ” No, the rate of hacking has not increased at all”.

    Generally, the trend of hacking is increasing across the globe with Africa or Zim being part of this trend.This trend will continue to increase as Africa adopts more technology and faster internet.
    So most organisations in Zim need to adopt the basics of enterprise security at the application, infrastructure, database, people and process layers.

  • slackie

    it did exist. i closed it down for many years after that before starting it up again.

  • http://www.techzim.co.zw L.S.M. Kabweza

    thanks @88ec0d37a66984288b18255b7a5dd2de:disqus
    Just to clarify, i don’t think the rate has increased but i do think the number of hacked websites locally is increasing for the reason that there are more websites being created.
    I however still don’t think Zimbabwe (or Africa) is getting the majority of the hacks. The data is just not there to support this. The little data available, like that on Zone-H suggest that most defacement is are actually happening on US hosted websites.
    A quick check for example of the most recent 200 defaced websites globally (those submitted to Zone-H at least) this morning shows:
    USA 66
    Germany – 19
    Brazil – 16
    Singapore – 14
    Turkey – 8
    Australia – 8
    Denmark – 6
    Argentina – 5
    UK – 5
    Poland – 5
    Croatia – 5
    Canada – 4
    Hungary – 4
    Ukraine – 3
    Serbia- 3
    Romania- 3
    Vietnam- 3
    Chile – 2
    France – 2
    Slovenia -2
    etc…

    If you can find data that shows the hacking of Zim & Africa sites is on the increase, then let’s look at it. The issue may be that network admins & ISPs staffers in Africa are finding a lot of hack attempts on their networks and take this to be a new phenomenon that its is not.

  • chirau

    Hacking…hobby or profession?

  • YnnaB

    http://i45.tinypic.com/2w7n68w.jpg/IMG
    Classifieds.co.zw was definately up m8

  • Lon

    Kabweza;

    Thanks for referencing H-Zone. This site is a reflection of sites being defaced and most of the guys who report here are not the new and advanced breed of hackers. The new breed of hackers thrive of Advanced persistent Hacks mainly driven by gain or profit. Their aim is not to eventually hack ZIm ICT infrastructure but to use it as a lunching platform for performing massive DDOS attacks on their targeted attacks in other continents. The reason for using Africa’s infrastructure is because the ISP are still backwards and that their is not centralised Computer Security Incident response center in Africa. If my memory serves me well, I think SA , Kenya and other 2 countries haves a CSIRC.

    Targeted hacking is not about page defacement. Page defacement is for the naive and those testing their skills in the game. Most advanced hacking techniques go un-noticed because those who perform them know that the rule of the game is ” do not leave any traces”

    There is a lot of research out the reflecting the increase of targeted attacks in Africa. The problem is most African countries at the moment don’t know what is lying under the carpet due to lack of awareness, investment and regulation around security,

    Some guys in South Africa published a good research on the threat barometer 2013 and there is a section on where Africa Stands on CyberSecurity . Have a read and see where you will stand after wards:

    http://issuu.com/cybershield/docs/sa_2012_cyber_threat_barometer_medi_20121105104135

    Finally, I am very confident that hacking is on the increase in Zim and Africa as a whole. It’s a matter of time before we realise huge financial and reputation implication of hacking on some of the major industries such as banking, transport, Energy/Utilities, Education etal:

    http://www.itnewsafrica.com/2012/10/cyber-crime-costs-south-africa-r3-7-billion/

    http://cybercrime.org.za/

  • http://www.mega24.co.za/ Concern Shoko

    You think you can hack? Try http://www.mbcanet.co.zw and gimme feedback

  • http://www.techzim.co.zw L.S.M. Kabweza

    I agree that hacking particularly that of defacement is on increasing. I just don’t agree that the percentage of defaced websites out of overall number of sites is increasing.
    In terms of African internet servers being used as Zombies or platforms to launch attacks, I think it’s not clear in the article (my bad) that that is not the issue being discussed by the article. The article is talking about the recent attacks on many high profile websites that seem to show hacking in the form of defacement, is on the increase.
    Other forms of hacking, like stealing data from financial institutions, customer records, etc.. are indeed most likely to be on the increase, especially if prospects on monetizing these efforts become higher.

  • http://destinationkilotango.wordpress.com/ kthaker

    sweet! seeing that screenshot, reminds me of the good ol’ 56k days. i.e napster :)

  • tinm@n

    and geocities, altavista, excite!… and the floppy… gone too soon

  • devgeek

    how much do i get, if i show you the security holes in ur site?

  • Blazjames

    I am surprised that banks are on the list. They should have tighter security.

  • http://www.sondeza.com/ Dogstar

    My 2c on this is that Zimbabwe is now becoming more connected to the WWW. As we move towards more online real time processing systems also joining the WWW gravy train like financial institutions like banks, credit providers (Truworths, Edgars, etc), Econet(checking your bill, list of calls, etc) etc, we will see hacking more for financial reasons.than for fun. PayGate in SA had their systems broken into some weeks ago. Soon FBC Kingdom bank, etc will feel these guys one way or the other.

  • Jon Koni

    MSU website, you cant hack it. The most widely used Tertiary Education website in Zimbabwe

  • Crash0

    Jon Koni there isn’t a Website which can’t be Hacked….

  • Crash0

    Yeah you are wryt man Worse of all just 2 years ago EC-Council has Accreditted a couple of Institutions to train what they call Certified Ethical Hacking…….More Hacks are coming…..Watch the Space

  • Crash0

    is this ur Website kid

  • munhu_mutema

    keep ur dollar n leave the link here.will do it for free..
    #challenge_accepted.

  • munhu_mutema

    obsession

  • munhu_mutema

    .