Zimbabwe and regional technology news and updates


Why Zimbabwean websites are increasingly getting hacked (list of hacked sites)

Hacked Again

Hacked AgainIn recent months, each time we’ve posted an article about a high profile website being hacked – such as the story about Fingaz today – what follows is a number of tweets, emails and phone calls with readers basically ask: What’s going on? Why has the hacking increased so much? Why are Zim websites being targeted?

We attempt to answer these questions in this article. You can also add your views, thoughts and questions about the situation in the comments below.

No, no one’s maliciously targeting Zimbabwe

No, no one is targeting Zimbabwean companies and websites. We have observed that all of them so far are random defacement. This is why for example you will find that the same hackers that hit the ZOL and Fingaz websites also hit hundreds of other unrelated websites globally with the same defacement message around the same time.

Specially targeted attacks are more brutal than these random hits. A good example is “Operation Avenge Assange”, an attack on PayPal and other websites which was executed by the “Anonymous” hacking group to avenge attempts by some governments and global companies to cripple Wikileaks funding. More here: Operation_Payback#Operation_Avenge_Assange.

No, the rate of hacking has not increased at all

What we see increasing is the number of new Zimbabwean websites. Which is really great we should add, all thanks to free open source tools that make anyone who can use the internet a creator of content able to start their own website. More websites however means more of them can be hacked but that doesn’t mean at all that the rate of hacking has increased.

The hacking is just reported more than before

Website hacking and defacement is not a new phenomenon. It’s been happening to websites locally and globally since the internet came to be and some actually suggest the unscrupulous practice has seen a decrease in recent years. Lately however in Zimbabwe’s case, blogs like us report these cases more. In the past, such issues would just go unreported.

Just to underscore that point, we’ve inserted at the bottom of this article a list of the websites of some known Zim brands (the ones at least) that have been hacked since 2001, the majority of which were never reported in the news.

Why do hackers hack websites?

For numerous reasons; some do it purely for fun, some to tests their newly acquired knowledge about computer security, some as a form of Hacktivism to protest political decisions or military conflicts, some out of revenge or to discredit a brand/individual and some just to prove a website is hackable.

How can you protect yourself?

We have an article here on Techzim published several months ago, which goes into how you can best protect yourself. The advice there still applies. But basically our advice is that if you don’t have the skills to keep your web properties secure (and if you can’t be bothered learning how), then please consult people who have a proven track record in securing internet properties.

If you still have any questions about website hacking and defacement, please enter them in the comments section below, and we (& other readers) will do our best to answer you.

List of some defaced websites since 2001
Please note that we’ve listed just 76 defaced websites out of over 1,000 websites archived on Also keep in mind that it’s just the domains listed – a lot of Zimbabwean companies have .com domains because of the difficulties of registering a local domain. Lastly, note that Zone-H itself relies on submissions by people (mostly the hackers themselves we’re guessing), which means hacks not submitted to the archive are not listed.

Website address Company Defaced Date Zimbabwe Classifieds

29-Apr-2001 CBZ Holdings

29-Apr-2001 NetOne

2-Jul-2001 Reserve Bank of Zimbabwe

13-Aug-2002 Nokia Zimbabwe

24-Sep-2002 Metropolitan Bank

2-Nov-2002 Dairiboard Zimbabwe

2-Nov-2002 Sage Pastel Zimbabwe

2-May-2005 IOBZ

2-May-2005 Mukonitronics

2-May-2005 Pastel Zimbabwe

2-May-2005 Doves

2-May-2005 FABS

2-May-2005 CSC

2-May-2005 Venekera

2-May-2005 ZABG Bank

2-May-2005 Chips Computing

2-May-2005 Chronicle

2-May-2005 Clan

2-May-2005 Toyota Zimbabwe

2-May-2005 Afrosoft

2-May-2005 Zimbabwe Online

24-Jul-2005 Renaissance

10-Feb-2006 MDC

19-Apr-2006 Afrasia Kingdom Bank

16-Sep-2006 Harare International Festival of Arts

6-Feb-2007 Truworths

5-Jul-2007 Dawn Properties

28-Jul-2007 POSB

28-Jul-2007 Jaggers

28-Jul-2007 Infrastructure Development Bank of Zimbabwe

28-Jul-2007 NMB Bank Limited

18-Aug-2007 Genesis Bank

30-Nov-2007 Highlanders FC

28-Apr-2008 AgriFoods

27-May-2008 Telecontract

27-May-2008 Celsys

9-Sep-2008 National Gallery of Zimbabwe

9-Sep-2008 MARS Zimbabwe

3-Oct-2008 KIA Motors

3-Oct-2008 ZABG Bank

24-Sep-2009 Sage Pastel Zimbabwe

24-Sep-2009 Europcar Zimbabwe

24-Sep-2009 Rooney’s

24-Sep-2009 Techzim

13-May-2010 KIA Motors

14-Jun-2010 Microman

14-Jun-2010 Stuttafords

14-Jun-2010 Zimrights

15-Jul-2010 EatOut Zimbabwe

6-Oct-2010 Iran Embassy

4-Jan-2011 Zimbabwe Stock Exchange

13-Mar-2011 Belina Payroll

12-Apr-2011 Nicoz Diamond Insurance

16-Apr-2011 Clover Leaf Motors Group

11-Sep-2011 RM Insurance Company

13-Sep-2011   Bronte Hotel

27-Jan-2012  Safeguard

27-Jan-2012 ESET Zimbabwe

15-Mar-2012 Zimbabwe National Water Authority

22-Mar-2012 Pro Plastics

30-Mar-2012 Kingstons Holdings

30-Mar-2012 Daily News

1-Jul-2012 Willovale Mazda motor Industries

9-Jul-2012 Telecel Zimbabwe

19-Nov-2012 Zinara

22-Nov-2012 Green Fuel

6-Dec-2012 Nicoz Diamond Insurance

10-Dec-2012 CABS

16-Dec-2012 Delta Corporation

23-Dec-2012 University of Zimbabwe-University of California San Francisco (UZ-UCSF) Collaborative Research Programme

23-Dec-2012 Her Zimbabwe

24-Dec-2012 Zimbabwe Online

28-Dec-2012 Zimnat Life Assurance

31-Dec-2012 Benny’s Burgers

3-Jan-2013 FirstTel


Quick NetOne, Econet, And Telecel Airtime Recharge

43 thoughts on “Why Zimbabwean websites are increasingly getting hacked (list of hacked sites)

  1. You are very wrong to think that hackers are not targeting Zimbabwean companies and websites. If you worked for ISPs, seen what they have to deal on daily basis with you will understand

    1. mmmmm, i still think most of these hacks are automated. this “Hackeado por HighTech Brazil HackTeam” (google it) team has defaced ‘hundreds’ of seemingly random sites this past week. hardly seems like they were targeting anyone is specific, most likely, they are scanning (using some bot) for sites with a specific vulnerability and then exploiting it.

    2. Hackers are targeting Zimbabwean sites, but they are not SPECIFICALLY targeting Zim sites, its part of a large scale hacking systems that doesnt necesarily target Zim sites only, the practice is not exclusive to Zim

    3. has a list of the most recent defaced websites.
      The list of 100 most recently defaced websites today doesn’t even have a Zimbabwean website in it. it’s
      36 United States
      9 Germany
      9 Poland
      9 Netherlands
      7 Hungary
      5 Malaysia
      3 Finland
      3 Indonesia
      2 Greece
      2 Denmark
      2 Canada
      2 UK

      1 Cuba
      and so on…

  2. i dont think was even in existance in 2001?

    in most cases, hacked/defaced websites are just a front for what actually happens in the background of the server itself. you will find scripts that mass mail, scripts that DDOS other websites and server IP’s, as well as scripts that are used to hack other sites.

      1. yeah, i reckon the dates arent correct. or someone had been using that domain name before the current classifieds site… zone-h is an interesting website in any case 🙂

  3. Hats off sir. If they don’t take heed to your counsel or critic ignore them and leave them like that. You laid it plain and simple. Take it or leave it, if you are hacked, “indaba zako wena”.

        1. Lol. You guys are funny. I was joking. I don’t own a live site currently. I will be sure to give it to you for testing purposes. I will hold my promise though, a reward for anyone who can.

          On a seperate note, why can’t I post a comment (my own, not a response) on this site? @kabweza, am I blocked?

          1. That just killed the excitement. The reward of bringing down something that is claimed to be secure on invitation is certainly worth more than the dollar… ah well…carry on… i’ll hack my own

  4. The other thing is Zimabwean comapnies’s inability to tell a real developer from none if u check these websites they will probably end up going back to one ot 2 developers someone correct me

  5. A lot of people are masquerading as developers when they are not its simple lack of knowledge.How can u think someone will develop a site for 30usd and how many pple are getting those sites or even 200usd for that matter daylight robbery of the unsuspecting client

  6. Soul;

    Great article and insight about the trend of the hacking in Zim.However, I beg to differ on this point you raised ” No, the rate of hacking has not increased at all”.

    Generally, the trend of hacking is increasing across the globe with Africa or Zim being part of this trend.This trend will continue to increase as Africa adopts more technology and faster internet.
    So most organisations in Zim need to adopt the basics of enterprise security at the application, infrastructure, database, people and process layers.

    1. thanks @88ec0d37a66984288b18255b7a5dd2de:disqus
      Just to clarify, i don’t think the rate has increased but i do think the number of hacked websites locally is increasing for the reason that there are more websites being created.
      I however still don’t think Zimbabwe (or Africa) is getting the majority of the hacks. The data is just not there to support this. The little data available, like that on Zone-H suggest that most defacement is are actually happening on US hosted websites.
      A quick check for example of the most recent 200 defaced websites globally (those submitted to Zone-H at least) this morning shows:
      USA 66
      Germany – 19
      Brazil – 16
      Singapore – 14
      Turkey – 8
      Australia – 8
      Denmark – 6
      Argentina – 5
      UK – 5
      Poland – 5
      Croatia – 5
      Canada – 4
      Hungary – 4
      Ukraine – 3
      Serbia- 3
      Romania- 3
      Vietnam- 3
      Chile – 2
      France – 2
      Slovenia -2

      If you can find data that shows the hacking of Zim & Africa sites is on the increase, then let’s look at it. The issue may be that network admins & ISPs staffers in Africa are finding a lot of hack attempts on their networks and take this to be a new phenomenon that its is not.

      1. Kabweza;

        Thanks for referencing H-Zone. This site is a reflection of sites being defaced and most of the guys who report here are not the new and advanced breed of hackers. The new breed of hackers thrive of Advanced persistent Hacks mainly driven by gain or profit. Their aim is not to eventually hack ZIm ICT infrastructure but to use it as a lunching platform for performing massive DDOS attacks on their targeted attacks in other continents. The reason for using Africa’s infrastructure is because the ISP are still backwards and that their is not centralised Computer Security Incident response center in Africa. If my memory serves me well, I think SA , Kenya and other 2 countries haves a CSIRC.

        Targeted hacking is not about page defacement. Page defacement is for the naive and those testing their skills in the game. Most advanced hacking techniques go un-noticed because those who perform them know that the rule of the game is ” do not leave any traces”

        There is a lot of research out the reflecting the increase of targeted attacks in Africa. The problem is most African countries at the moment don’t know what is lying under the carpet due to lack of awareness, investment and regulation around security,

        Some guys in South Africa published a good research on the threat barometer 2013 and there is a section on where Africa Stands on CyberSecurity . Have a read and see where you will stand after wards:

        Finally, I am very confident that hacking is on the increase in Zim and Africa as a whole. It’s a matter of time before we realise huge financial and reputation implication of hacking on some of the major industries such as banking, transport, Energy/Utilities, Education etal:

        1. I agree that hacking particularly that of defacement is on increasing. I just don’t agree that the percentage of defaced websites out of overall number of sites is increasing.
          In terms of African internet servers being used as Zombies or platforms to launch attacks, I think it’s not clear in the article (my bad) that that is not the issue being discussed by the article. The article is talking about the recent attacks on many high profile websites that seem to show hacking in the form of defacement, is on the increase.
          Other forms of hacking, like stealing data from financial institutions, customer records, etc.. are indeed most likely to be on the increase, especially if prospects on monetizing these efforts become higher.

  7. My 2c on this is that Zimbabwe is now becoming more connected to the WWW. As we move towards more online real time processing systems also joining the WWW gravy train like financial institutions like banks, credit providers (Truworths, Edgars, etc), Econet(checking your bill, list of calls, etc) etc, we will see hacking more for financial reasons.than for fun. PayGate in SA had their systems broken into some weeks ago. Soon FBC Kingdom bank, etc will feel these guys one way or the other.

    1. Yeah you are wryt man Worse of all just 2 years ago EC-Council has Accreditted a couple of Institutions to train what they call Certified Ethical Hacking…….More Hacks are coming…..Watch the Space

  8. We are a group of volunteers and opening a new scheme
    in our community. Your web site offered us with
    helpful helpful and paintings on . You have made ​​an impressive job and our all the neighborhood
    will probably be grateful to you .
    Unquestionably imagine that you said . Your favorite
    reason appeared to be on the web simple thing to have in mind of .
    I tell you , i definitely annoyed at the same time while
    think worries clear that not understand about . You controlled and also out on all managed to
    hit the nail on the top without having side-effects , people could take a signal.
    Will probably be again to get more. Thanks

Comments are closed.