Why Zimbabwean websites are increasingly getting hacked (list of hacked sites)

L.S.M Kabweza Avatar
Hacked Again

Hacked AgainIn recent months, each timeΒ we’veΒ posted an article about a high profile website being hacked – such as the story about Fingaz today – what follows is a number of tweets, emails and phone calls with readers basically ask: What’s going on? Why has the hacking increased so much? Why are Zim websites being targeted?

We attempt to answer these questions in this article. You can also add your views, thoughts and questions about the situation in the comments below.

No, no one’s maliciously targeting Zimbabwe

No, no one is targeting Zimbabwean companies and websites. We have observed that all of them so far are randomΒ defacement.Β This is why for example you will find that the same hackers that hit the ZOL and Fingaz websites also hit hundreds of other unrelated websites globally with the same defacement message around the same time.

Specially targeted attacks are more brutal than these random hits. A good example is β€œOperation Avenge Assange”, an attack on PayPal and other websites which was executed by the β€œAnonymous” hacking group to avenge attempts by some governments and global companies to cripple Wikileaks funding. More here: Operation_Payback#Operation_Avenge_Assange.

No, the rate of hacking has not increased at all

What we see increasing is the number of new Zimbabwean websites. Which is really great we should add, all thanks to free open source tools that make anyone who can use the internet a creator of content able to start their own website. More websites however means more of them can be hacked but thatΒ doesn’tΒ mean at all that the rate of hacking has increased.

The hacking is just reported more than before

Website hacking and defacement is not a new phenomenon. It’s been happening to websites locally and globally since the internet came to be and some actually suggest the unscrupulous practice has seen aΒ decrease in recent years.Β Lately however in Zimbabwe’s case, blogs like us report these cases more. In the past, such issues would just go unreported.

Just to underscore that point,Β we’veΒ inserted at the bottom of this article a list of the websites of some known Zim brands (the .co.zw ones at least) that have been hacked since 2001, the majority of which were never reported in the news.

Why do hackers hack websites?

For numerous reasons; some do it purely for fun, some to tests their newly acquired knowledge about computer security, some as a form of Hacktivism to protest political decisions or military conflicts, some out of revenge or to discredit a brand/individual and some just to prove a website is hackable.

How can you protect yourself?

We have an article here on Techzim published several months ago, which goes into how you can best protect yourself. The advice there still applies. But basically our advice is that if you don’t have the skills to keep your web properties secure (and if you can’t be bothered learning how), then please consult people who have a proven track record in securing internet properties.

If you still have any questions about website hacking and defacement, please enter them in the comments section below, and we (& other readers) will do our best to answer you.

List of some defaced websites since 2001
Please note thatΒ we’veΒ listed just 76 defaced websites out of over 1,000 websites archived on Zone-H.org. Also keep in mind that it’s just the .co.zw domains listed – a lot of Zimbabwean companies have .com domains because of the difficulties of registering a local domain. Lastly, note that Zone-H itself relies on submissions by people (mostly the hackers themselves we’re guessing),Β which means hacks not submitted to the archive are not listed.

Website address Company Defaced Date
www.classifieds.co.zw Zimbabwe Classifieds

29-Apr-2001

www.cbz.co.zw CBZ Holdings

29-Apr-2001

www.netone.co.zw NetOne

2-Jul-2001

www.rbz.co.zw Reserve Bank of Zimbabwe

13-Aug-2002

www.nokia.co.zw Nokia Zimbabwe

24-Sep-2002

www.metbank.co.zw Metropolitan Bank

2-Nov-2002

www.dairibord.co.zw Dairiboard Zimbabwe

2-Nov-2002

www.sage.co.zw Sage Pastel Zimbabwe

2-May-2005

www.iobz.co.zw IOBZ

2-May-2005

www.mukonitronics.co.zw Mukonitronics

2-May-2005

www.pastel.co.zw Pastel Zimbabwe

2-May-2005

www.doves.co.zw Doves

2-May-2005

www.fabs.co.zw FABS

2-May-2005

www.csc.co.zw CSC

2-May-2005

www.venekera.co.zw Venekera

2-May-2005

www.zabg.co.zw ZABG Bank

2-May-2005

www.chips.co.zw Chips Computing

2-May-2005

www.chronicle.co.zw Chronicle

2-May-2005

www.clan.co.zw Clan

2-May-2005

www.toyota.co.zw Toyota Zimbabwe

2-May-2005

www.afrosoft.co.zw Afrosoft

2-May-2005

www.zol.co.zw Zimbabwe Online

24-Jul-2005

www.renaissance.co.zw Renaissance

10-Feb-2006

www.mdczimbabwe.co.zw MDC

19-Apr-2006

www.kingdom.co.zw Afrasia Kingdom Bank

16-Sep-2006

www.hifa.co.zw Harare International Festival of Arts

6-Feb-2007

www.truworths.co.zw Truworths

5-Jul-2007

www.dawnproperties.co.zw Dawn Properties

28-Jul-2007

www.posb.co.zw POSB

28-Jul-2007

www.jaggers.co.zw Jaggers

28-Jul-2007

www.idbz.co.zw Infrastructure Development Bank of Zimbabwe

28-Jul-2007

www.nmbz.co.zw NMB Bank Limited

18-Aug-2007

www.genesisbank.co.zw Genesis Bank

30-Nov-2007

www.highlandersfc.co.zw Highlanders FC

28-Apr-2008

www.agrifoods.co.zw AgriFoods

27-May-2008

www.telco.co.zw Telecontract

27-May-2008

www.celsys.co.zw Celsys

9-Sep-2008

www.nationalgallery.co.zw National Gallery of Zimbabwe

9-Sep-2008

www.mars.co.zw MARS Zimbabwe

3-Oct-2008

www.kia.co.zw KIA Motors

3-Oct-2008

www.supreme.zabg.co.zw ZABG Bank

24-Sep-2009

www.sage.co.zw Sage Pastel Zimbabwe

24-Sep-2009

www.europcar.co.zw Europcar Zimbabwe

24-Sep-2009

www.rooneys.co.zw Rooney’s

24-Sep-2009

www.techzim.co.zw Techzim

13-May-2010

www.kia.co.zw KIA Motors

14-Jun-2010

www.microman.co.zw Microman

14-Jun-2010

www.stuttafords.co.zw Stuttafords

14-Jun-2010

www.zimrights.co.zw Zimrights

15-Jul-2010

www.eatout.co.zw EatOut Zimbabwe

6-Oct-2010

iran.iranembassy.co.zw Iran Embassy

4-Jan-2011

www.zse.co.zw Zimbabwe Stock Exchange

13-Mar-2011

www.belina.co.zw Belina Payroll

12-Apr-2011

www.nicozdiamond.co.zw Nicoz Diamond Insurance

16-Apr-2011

www.cloverleaf.co.zw Clover Leaf Motors Group

11-Sep-2011

www.rminsurance.co.zw RM Insurance Company

13-Sep-2011

www.brontehotel.co.zwΒ Β  Bronte Hotel

27-Jan-2012

www.safeguard.co.zwΒ  Safeguard

27-Jan-2012

www.eset.co.zw ESET Zimbabwe

15-Mar-2012

www.zinwa.co.zw Zimbabwe National Water Authority

22-Mar-2012

www.proplastics.co.zw Pro Plastics

30-Mar-2012

www.kingstons.co.zw Kingstons Holdings

30-Mar-2012

www.dailynews.co.zw Daily News

1-Jul-2012

www.mazda.co.zw Willovale Mazda motor Industries

9-Jul-2012

web.telecel.co.zw Telecel Zimbabwe

19-Nov-2012

www.zinara.co.zw Zinara

22-Nov-2012

www.greenfuel.co.zw Green Fuel

6-Dec-2012

www.nicozdiamond.co.zw Nicoz Diamond Insurance

10-Dec-2012

www.cabs.co.zw CABS

16-Dec-2012

www.delta.co.zw Delta Corporation

23-Dec-2012

www.uz-ucsf.co.zw University of Zimbabwe-University of California San Francisco (UZ-UCSF) Collaborative Research Programme

23-Dec-2012

www.herzimbabwe.co.zw Her Zimbabwe

24-Dec-2012

www.zol.co.zw Zimbabwe Online

28-Dec-2012

www.zimnatlife.co.zw Zimnat Life Assurance

31-Dec-2012

www.bennysburgers.co.zw Benny’s Burgers

3-Jan-2013

www.firstel.co.zw FirstTel

4-Jan-2013

43 comments

  1. Digger

    You are very wrong to think that hackers are not targeting Zimbabwean companies and websites. If you worked for ISPs, seen what they have to deal on daily basis with you will understand

    1. Robert Dondo

      mmmmm, i still think most of these hacks are automated. this “Hackeado por HighTech Brazil HackTeam” (google it) team has defaced ‘hundreds’ of seemingly random sites this past week. hardly seems like they were targeting anyone is specific, most likely, they are scanning (using some bot) for sites with a specific vulnerability and then exploiting it.

    2. Tawanda Victor Mashava

      Hackers are targeting Zimbabwean sites, but they are not SPECIFICALLY targeting Zim sites, its part of a large scale hacking systems that doesnt necesarily target Zim sites only, the practice is not exclusive to Zim

    3. L.S.M. Kabweza

      http://www.zone-h.org/archive has a list of the most recent defaced websites.
      The list of 100 most recently defaced websites today doesn’t even have a Zimbabwean website in it. it’s
      36 United States
      9 Germany
      9 Poland
      9 Netherlands
      7 Hungary
      5 Malaysia
      3 Finland
      3 Indonesia
      2 Greece
      2 Denmark
      2 Canada
      2 UK

      1 Cuba
      and so on…

    4. Tawanda Abraham Makunike

      This is the most honest response. Yes sites have been hacked and stuff but the truth is Zim sites are being targeted.

  2. kthaker

    i dont think http://www.classifieds.co.zw was even in existance in 2001?

    in most cases, hacked/defaced websites are just a front for what actually happens in the background of the server itself. you will find scripts that mass mail, scripts that DDOS other websites and server IP’s, as well as scripts that are used to hack other sites.

    1. L.S.M. Kabweza

      According to this archive it existed: http://www.zone-h.org/mirror/id/12326

      But maybe they got the dates mixed up or something

      1. kthaker

        yeah, i reckon the dates arent correct. or someone had been using that domain name before the current classifieds site… zone-h is an interesting website in any case πŸ™‚

        1. YnnaB

          http://i45.tinypic.com/2w7n68w.jpg%5B/IMG%5D
          Classifieds.co.zw was definately up m8

          1. kthaker

            sweet! seeing that screenshot, reminds me of the good ol’ 56k days. i.e napster πŸ™‚

            1. tinm@n

              and geocities, altavista, excite!… and the floppy… gone too soon

      2. slackie

        it did exist. i closed it down for many years after that before starting it up again.

  3. tinm@n

    OMW Delta website runs client-side Java?!!

    (gag)

    Nice article, by the way

  4. oscar.habeenzu

    Hats off sir. If they don’t take heed to your counsel or critic ignore them and leave them like that. You laid it plain and simple. Take it or leave it, if you are hacked, “indaba zako wena”.

  5. Nerudo

    What websites havent been hacked πŸ™‚

    1. chirau

      I’ll give a dollar to any zimbo who can do anything with mine.

      1. tinm@n

        Give us the website!…. Give us! (jumping up and down)

        1. L.S.M. Kabweza

          πŸ™‚

        2. chirau

          Lol. You guys are funny. I was joking. I don’t own a live site currently. I will be sure to give it to you for testing purposes. I will hold my promise though, a reward for anyone who can.

          On a seperate note, why can’t I post a comment (my own, not a response) on this site? @kabweza, am I blocked?

          1. L.S.M. Kabweza

            thanks for the notification. Comments were caught up in anti-spam queue. just released them.

          2. tinma@n

            That just killed the excitement. The reward of bringing down something that is claimed to be secure on invitation is certainly worth more than the dollar… ah well…carry on… i’ll hack my own

            1. chirau

              Hacking…hobby or profession?

              1. munhu_mutema

                obsession

        3. Concern Shoko

          You think you can hack? Try http://www.mbcanet.co.zw and gimme feedback

          1. devgeek

            how much do i get, if i show you the security holes in ur site?

          2. Crash0

            is this ur Website kid

      2. Big M!

        whats ya web adress son?

      3. munhu_mutema

        keep ur dollar n leave the link here.will do it for free..
        #challenge_accepted.

  6. Antony Masocha

    The other thing is Zimabwean comapnies’s inability to tell a real developer from none if u check these websites they will probably end up going back to one ot 2 developers someone correct me

  7. Antony Masocha

    A lot of people are masquerading as developers when they are not its simple lack of knowledge.How can u think someone will develop a site for 30usd and how many pple are getting those sites or even 200usd for that matter daylight robbery of the unsuspecting client

  8. Big M!

    UZ website is down as well

  9. L.S.M. Kabweza

    yeah, that hack was specifically targeted the Herald.

  10. Lon

    Soul;

    Great article and insight about the trend of the hacking in Zim.However, I beg to differ on this point you raised ” No, the rate of hacking has not increased at all”.

    Generally, the trend of hacking is increasing across the globe with Africa or Zim being part of this trend.This trend will continue to increase as Africa adopts more technology and faster internet.
    So most organisations in Zim need to adopt the basics of enterprise security at the application, infrastructure, database, people and process layers.

    1. L.S.M. Kabweza

      thanks @88ec0d37a66984288b18255b7a5dd2de:disqus
      Just to clarify, i don’t think the rate has increased but i do think the number of hacked websites locally is increasing for the reason that there are more websites being created.
      I however still don’t think Zimbabwe (or Africa) is getting the majority of the hacks. The data is just not there to support this. The little data available, like that on Zone-H suggest that most defacement is are actually happening on US hosted websites.
      A quick check for example of the most recent 200 defaced websites globally (those submitted to Zone-H at least) this morning shows:
      USA 66
      Germany – 19
      Brazil – 16
      Singapore – 14
      Turkey – 8
      Australia – 8
      Denmark – 6
      Argentina – 5
      UK – 5
      Poland – 5
      Croatia – 5
      Canada – 4
      Hungary – 4
      Ukraine – 3
      Serbia- 3
      Romania- 3
      Vietnam- 3
      Chile – 2
      France – 2
      Slovenia -2
      etc…

      If you can find data that shows the hacking of Zim & Africa sites is on the increase, then let’s look at it. The issue may be that network admins & ISPs staffers in Africa are finding a lot of hack attempts on their networks and take this to be a new phenomenon that its is not.

      1. Lon

        Kabweza;

        Thanks for referencing H-Zone. This site is a reflection of sites being defaced and most of the guys who report here are not the new and advanced breed of hackers. The new breed of hackers thrive of Advanced persistent Hacks mainly driven by gain or profit. Their aim is not to eventually hack ZIm ICT infrastructure but to use it as a lunching platform for performing massive DDOS attacks on their targeted attacks in other continents. The reason for using Africa’s infrastructure is because the ISP are still backwards and that their is not centralised Computer Security Incident response center in Africa. If my memory serves me well, I think SA , Kenya and other 2 countries haves a CSIRC.

        Targeted hacking is not about page defacement. Page defacement is for the naive and those testing their skills in the game. Most advanced hacking techniques go un-noticed because those who perform them know that the rule of the game is ” do not leave any traces”

        There is a lot of research out the reflecting the increase of targeted attacks in Africa. The problem is most African countries at the moment don’t know what is lying under the carpet due to lack of awareness, investment and regulation around security,

        Some guys in South Africa published a good research on the threat barometer 2013 and there is a section on where Africa Stands on CyberSecurity . Have a read and see where you will stand after wards:

        http://issuu.com/cybershield/docs/sa_2012_cyber_threat_barometer_medi_20121105104135

        Finally, I am very confident that hacking is on the increase in Zim and Africa as a whole. It’s a matter of time before we realise huge financial and reputation implication of hacking on some of the major industries such as banking, transport, Energy/Utilities, Education etal:

        http://www.itnewsafrica.com/2012/10/cyber-crime-costs-south-africa-r3-7-billion/

        http://cybercrime.org.za/

        1. L.S.M. Kabweza

          I agree that hacking particularly that of defacement is on increasing. I just don’t agree that the percentage of defaced websites out of overall number of sites is increasing.
          In terms of African internet servers being used as Zombies or platforms to launch attacks, I think it’s not clear in the article (my bad) that that is not the issue being discussed by the article. The article is talking about the recent attacks on many high profile websites that seem to show hacking in the form of defacement, is on the increase.
          Other forms of hacking, like stealing data from financial institutions, customer records, etc.. are indeed most likely to be on the increase, especially if prospects on monetizing these efforts become higher.

  11. Blazjames

    I am surprised that banks are on the list. They should have tighter security.

  12. Dogstar

    My 2c on this is that Zimbabwe is now becoming more connected to the WWW. As we move towards more online real time processing systems also joining the WWW gravy train like financial institutions like banks, credit providers (Truworths, Edgars, etc), Econet(checking your bill, list of calls, etc) etc, we will see hacking more for financial reasons.than for fun. PayGate in SA had their systems broken into some weeks ago. Soon FBC Kingdom bank, etc will feel these guys one way or the other.

    1. Crash0

      Yeah you are wryt man Worse of all just 2 years ago EC-Council has Accreditted a couple of Institutions to train what they call Certified Ethical Hacking…….More Hacks are coming…..Watch the Space

  13. Jon Koni

    MSU website, you cant hack it. The most widely used Tertiary Education website in Zimbabwe

    1. Crash0

      Jon Koni there isn’t a Website which can’t be Hacked….

  14. munhu_mutema

    .

  15. Dragon Story Cheats

    We are a group of volunteers and opening a new scheme
    in our community. Your web site offered us with
    helpful helpful and paintings on . You have made ​​an impressive job and our all the neighborhood
    will probably be grateful to you .
    Unquestionably imagine that you said . Your favorite
    reason appeared to be on the web simple thing to have in mind of .
    I tell you , i definitely annoyed at the same time while
    think worries clear that not understand about . You controlled and also out on all managed to
    hit the nail on the top without having side-effects , people could take a signal.
    Will probably be again to get more. Thanks

2023 Β© Techzim All rights reserved. Hosted By Cloud Unboxed