Earlier today we got tipped that 3 news websites belonging to one of Zimbabwe’s largest media companies, Alpha Media Holdings, had been hacked. We verified and indeed confirmed that NewsDay, The Zimbabwe Independent, and The Standard had all been hacked by the same hackers.The hackers basically introduced new malicious files onto the websites’ servers in an attempt to divert visitors to a defaced version of the homepage.
Here’s a screenshot of the malicious pages showing in a web browser:
The particular mission to deface the site largely failed, except ofcourse for any visitors that accessed the malicious file directly. It’s also an issue if the search engines detect the malicious files when they crawl the site as they will then warn users away from it.
All three sites were attacked the same way and indication they had from the same security vulnerability. We contacted Alpha Media Holdings and alerted them to the issue. It’s since been fixed.
As you can see from the screenshot, the attackers are going with the #FreeSyrian hacktivism cause, but we doubt they specially targeted AMH.