AMH news websites NewsDay, Independent and Standard, hacked

Posted by

Earlier today we got tipped that 3 news websites belonging to one of Zimbabwe’s largest media companies, Alpha Media Holdings, had been hacked. We verified and indeed confirmed that NewsDay, The Zimbabwe Independent, and The Standard had all been hacked by the same hackers.The hackers basically introduced new malicious files onto the websites’ servers in an attempt to divert visitors to a defaced version of the homepage.

Here’s a screenshot of the malicious pages showing in a web browser:

newsday-attack

The particular mission to deface the site largely failed, except ofcourse for any visitors that accessed the malicious file directly. It’s also an issue if the search engines detect the malicious files when they crawl the site as they will then warn users away from it.

All three sites were attacked the same way and indication they had from the same security vulnerability. We contacted Alpha Media Holdings and alerted them to the issue. It’s since been fixed.

advertisement

As you can see from the screenshot, the attackers are going with the #FreeSyrian hacktivism cause, but we doubt they specially targeted AMH.

14 Comments

  1. brainy says:

    though it was one of the most secure sites in zimbabwe,any how it was on the server site ,this i an sure….

    1. Farai says:

      What made you think that?

  2. ngth says:

    so much for AMH insisting on external hosting cos it is better than zim hosting, didn’t help them this time.

  3. Muti says:

    This is funny.

  4. fungai says:

    it because these guys wakawomera they should not download ma free components on the internet to build their websites, the free stuff on the net has a lot of trojans and bugs

    1. You may know better but I don’t think this is about free components. Just a security configuration issue.

      1. Farai says:

        WordPress is the most hacked when compared to Joomla and Drupal. They had it coming being a small developer team product. Just look at how many patches they have gone through. Joomla has matured from the Mambo days and is much more stable with a big user community contributing to its development, but is it friendly?

        1. Keith says:

          You’re obviously talking out your rear end. Joomla has literally hundreds of known exploits.

  5. Time says:

    Ahh I love Joomla so much but its so frustrating when these Zim companies fail to maintain them and then the uneducated come with their hubba bubba of cussing out Joomla! Im no super web developer but I have built a few Joomla sites, installed RS Firewall, did all the required security configurations it suggested and they have never fallen pray to these type of attacks. Sometimes spending just $100 on a security component can go a long long way!

    1. Dev1 says:

      Time it’s not a Joomla website

    2. Farai says:

      From another forum, and I tend to agree:

      Security

      WordPress is notorious for being the least secure CMS. While this is definitely because it is the most popular CMS, and thus relatively easier to hack, it still cannot be denied that newer security loop-holes are discovered in WP way more often than in either Drupal or Joomla! Furthermore, WP plugins and themes too come with their share of hacks and exploits.

      Drupal, on the other hand, seems to be the most secure CMS of the three, with the least number of hacks and exploits, on an average (it was chosen by The White House for its website, after all).

  6. Farai says:

    Somebody didn’t patch and lockdown their systems or they use a lousy ftp password. Either way, these hackers just wanted to show something for their cause. Malicious ones would have loaded enough porn, illegal/pirate software and viruses to make the admin cry. Maybe others in the same physical server got hit, who knows?
    By the way, they use WordPress, not Joomla.

Leave a Reply

Your email address will not be published.

css.php