advertisement

AMH news websites NewsDay, Independent and Standard, hacked

advertisement

Earlier today we got tipped that 3 news websites belonging to one of Zimbabwe’s largest media companies, Alpha Media Holdings, had been hacked. We verified and indeed confirmed that NewsDay, The Zimbabwe Independent, and The Standard had all been hacked by the same hackers.The hackers basically introduced new malicious files onto the websites’ servers in an attempt to divert visitors to a defaced version of the homepage.

advertisement

Here’s a screenshot of the malicious pages showing in a web browser:

newsday-attack

advertisement

The particular mission to deface the site largely failed, except ofcourse for any visitors that accessed the malicious file directly. It’s also an issue if the search engines detect the malicious files when they crawl the site as they will then warn users away from it.

All three sites were attacked the same way and indication they had from the same security vulnerability. We contacted Alpha Media Holdings and alerted them to the issue. It’s since been fixed.

As you can see from the screenshot, the attackers are going with the #FreeSyrian hacktivism cause, but we doubt they specially targeted AMH.


Quick NetOne, Telecel, Africom, And Econet Airtime Recharge

If anything goes wrong, click here to enter your query.


WhatsApp Discussions

Click to join a Techzim WhatsApp group:
https://chat.whatsapp.com/DhJIODAb9nSCqaB6fl4syL

If you find the group full, please notify us on +263 715 071 199 and we'll update the link.


14 thoughts on “AMH news websites NewsDay, Independent and Standard, hacked

  1. it because these guys wakawomera they should not download ma free components on the internet to build their websites, the free stuff on the net has a lot of trojans and bugs

      1. WordPress is the most hacked when compared to Joomla and Drupal. They had it coming being a small developer team product. Just look at how many patches they have gone through. Joomla has matured from the Mambo days and is much more stable with a big user community contributing to its development, but is it friendly?

  2. Ahh I love Joomla so much but its so frustrating when these Zim companies fail to maintain them and then the uneducated come with their hubba bubba of cussing out Joomla! Im no super web developer but I have built a few Joomla sites, installed RS Firewall, did all the required security configurations it suggested and they have never fallen pray to these type of attacks. Sometimes spending just $100 on a security component can go a long long way!

    1. From another forum, and I tend to agree:

      Security

      WordPress is notorious for being the least secure CMS. While this is definitely because it is the most popular CMS, and thus relatively easier to hack, it still cannot be denied that newer security loop-holes are discovered in WP way more often than in either Drupal or Joomla! Furthermore, WP plugins and themes too come with their share of hacks and exploits.

      Drupal, on the other hand, seems to be the most secure CMS of the three, with the least number of hacks and exploits, on an average (it was chosen by The White House for its website, after all).

  3. Somebody didn’t patch and lockdown their systems or they use a lousy ftp password. Either way, these hackers just wanted to show something for their cause. Malicious ones would have loaded enough porn, illegal/pirate software and viruses to make the admin cry. Maybe others in the same physical server got hit, who knows?
    By the way, they use WordPress, not Joomla.

Comments are closed.