advertisementBuy ZESA tokens online

Zimbabwean websites hacked. Joomla fault or just poor security management?


So every now and again we get tips about local websites that have been hacked, defaced or compromised in one way or the other. In the past few days, there was an increase in such tips as quite a number of websites, most of organisations very well known, were compromised. As has been the case in the many previous cases we’ve seen, it doesn’t look like these hackers maliciously  targeted these companies – just vulnerabilities random script kiddies come across.

The recent wave of compromise looks to have been targeting one particular vulnerability on Joomla powered websites. The hackers essentially uploaded malicious files in some directories on the websites. The hack itself (see example above in the case of the University of Zimbabwe) is not visible to visitors to the site, but demonstrates how malicious content that could potentially hurt visitors can be added to the site without the owner of the site knowing. We’re guessing a fix for that vulnerability was released but these websites just didn’t get patched.

Here’s a list of some of the websites we got to know of that got compromised. The links are to the screenshots we captured, so don’t be afraid to click through.


Seeing most of these websites use the Joomla CMS, do you think there’s anything inherently insecure about Joomla, or this’s just indicative of the platform many web developers locally use, and that naturally therefore more Joomla sites than other CMSs get hit if left unpatched?

Quick NetOne, Telecel, Africom, And Econet Airtime Recharge

If anything goes wrong, chat with us using the chat feature at the bottom right of this screen

You might also like

Liquid Telecom to take full control of Botswana subsidiary

Local startup Wellnescript has launched an employee wellness platform

MultiChoice Group selects Metrological to deliver premium OTT services to DStv

Harare City Council to blacklist rate defaulters