Harare Institute of Technology allegedly hit with cyber attack

Rufaro Madamombe Avatar

Today, on whatsapp a screenshot with the Harare Institute of Technology website being shown as hacked started circulating. We tried to open the website to see the same thing as was in the picture but it failed to load. Chances are that the website has been taken down by HIT if they’ve found out what has happened hence it’s no longer opening.

Since the website couldn’t open, we cannot say that they have been hacked as a fact because the website being down could be caused by something else and just be a coincidence. However, we also recently received the following email from the attacker.

Screeenshot that was circulating on whatsapp earlier


=             Last Life Hackers                                                 =


*            RANSOMWARE LETTER                                       *


This is not a rape,

we are not molesting you,

we are not killing anyone,

we are not setting off bombs.

This is a ransom – and this is a targetted attack.


We have shredded and deleted all your backups eliminating

all chances of recovery.

All of your sensitive files, databases and emails have been copied to

a remote server and all local copies have been encrypted using AES-256

and the originals deleted.

We encrypted 1.3TB of University data using salted AES-256 CBC, including emails dating back to 2013, all financial records, student aid records, the entire website and 56GB worth of MySQL databases. Daily incremental backups to a bastion server were misconfigured and have not for ages(wrong IP) hence all copies of backups which were on the same machine were destroyed.

AES is a symettric encryption, meaning you will get all of your data back

if you use the same key used to encrypt the files.

We require that you pay USD$999 for the decryption key and instructions on how to recover all your data.

Send an email to onmylastlife@protonmail.com before the 27th of June 2017 or we will

delete the encryption key and terminate the email account. We will also disclose instructions on how

payment should be sent via Bitcoin.

If you contact ProtonMail resulting in the closure of the email address or fail to pay

the ransom by the 27th of June – all of your files will be lost and we will dump the decrypted 56GB gzipped database online.


Remember!, this is simply a ransom, not rape or murder.

Contact: onmylastlife@protonmail.com

Email header: H.I.T ransom settlement



As a sign of good faith: Here is the password used to encrypt your 600GB email


To decrypt the email backup run:




cd /home/backup/

for f in $(find -type f \( -name “*.ransomed” \)); do echo “Decrypting $f … “; cat “$f” | openssl enc -d -aes-256-cbc -nosalt -pass “pass:$ENC_PASSWORD” | cat > “$f.orig” ; rm -f “$f”; done;

Sent with ProtonMail Secure Email.


  1. kilotango

    lol! i thought it was just a fake warning after they defaced the site. seems they got owned here…..

    1. GoDHanD


  2. Eng Dee

    HIT should up its game in terms of cyber security

    1. Anonymous

      Lack of qualified personnel. They’re only good at marketing themselves as well as claiming to be a top technological institute. A mere tiger on a paper.

  3. Anonymous

    this has inside job written all over it

  4. trev

    the innovation and technoprenuership university

  5. Anonymous

    HIT should jst Changamire from MSU

    1. uba remusenga

      Tell dem

      1. TheHacker

        Oooh dear, you have no idea. They already use Changamire and he aint safe at all

  6. unknown unknown

    paita ashaya mari ye fees apa. With alll the records the hackers have why only ask for $999?

  7. Anonymous

    amana $999 here

    1. Inini Wacho

      nhai nhai, vapfanha havazi serious ava. Dai vatoti vakuti $100K

      1. Anony

        Dzakapusa shuwa, $999, mari ye fees.

  8. Tendai Katsuwa

    We are not safe anymore- people are getting more greedy by the day. However, my theory is ” Hackers are the same people who design operating systems and know all the back-doors”. We will never win the game.

    1. Sagitarr

      Wrong – you don’t have to have written the OS to hack but an excellent knowledge of it helps. Hackers are usually sharp at both software and hardware/electronics engineering.

  9. anonymous

    Inga maiti HIT has the best gurus in town.

    1. Mupfanha_wacho

      The students are gurus the lecturers on the hand not so much

      1. Inini Wacho


    2. Anonymous

      You’ve been deceived my friend.

  10. Mupfanha_wacho

    Hahaha balemi namcdee ngavagadzirise site kwete kuita kunge vanhu vasinga keti

    1. Inini Wacho

      @Mupfanha_wacho LOOOOL wandispaka, Balemi ngavasote kkkkkkk

  11. oNmYLastLife

    TechZim you are next..backup your site before I attack it.

    oNmYLastLife (We are the Serbians)


    1. God

      Get a life

  12. anonymous

    Balemi vakasara padhiri iri. Vaita vatete…

  13. e

    you can’t tell me that hit did not have a physical backup of the records. if thy do restore everything.

  14. Anonymous

    Techzim ..did you interview people from H.I.T? Or you now operating like H-Metro? So you are say if i creat a text on whatsapp saying you were hacked does that make it real?
    Or you are saying everything on whatsapp is a fact

    1. Rufaro Madamombe

      Please read what I said. It clearly stated that we cannot state that the website was hacked for a fact. I will add more information when we get it.

      1. Anonymous

        so basically its a rumour? The why write “Harare Institute of Technology allegedly hit with cyber attack” as if you are certain

        1. Rufaro Madamombe

          I used the word allegedly because it is used to say that something is claimed to be the case or have taken place, although there is no concrete undeniable proof. I also stated in the article that the fact that the site is down could have been caused by something else. We have engaged people from HIT but we haven’t received a response yet.

          1. Unbk

            Rufaro,I saw it yesterday morning around 6am when I tried to open it,it was hacked.

            1. Unbk

              And also went there in the afternoon,asked the administration staff about it and they said yes its true it was hacked,

        2. Q

          Dude, please buy yourself a dictionary and look up the meaning of “allegedly”

    2. Unbk

      I saw it yesterday morning,there was that hacking msg,that’s true story

  15. Gatso

    mmmmmmh pakaiapa

  16. GItHUB

    From my own understanding with experience in the industry thats just general web defacing That message is just for cyber bullin and an intrest in social engineering.

    Go down on the ground and see. Systems at HIT are different , their website is just a front end system linking those systems

    1. GItHUB

      There is nothing spectacular on that issue. Its not even a ransomware. Thats a hack and now they are doing social engineering

      1. Mupfanha_wacho

        i wouldnt be so sure. Today they brought the site back online for a breif moment but i couldnt access my results or emails or any of the elearning facilities except for the static home page,so yeah they hacked big time

  17. Unbk

    As it is an institute of technology,they may have done it themselves in the name of experiment

  18. 3rd Anonymous

    ..Plenty vulnerabilities on this site & can only be discovered by geniuses.. evil laugh mmmmmwaaaha ha ha ha ha 🙂

    1. JUST


    2. Anonymous

      anyone who knows microsoft excel can hack that site

  19. gana

    its not the $999 they are after, these guys are testing the power of the I.T security of the H.I.T…. when the ransom is paid, something big will come up and they will demand more…
    common sense; watch scorpion the series

    1. LayLay

      Haha guys, people are watching too much Mr Robot, Silicon Valley and Scorpion Series whatever, so many of them, just so you know this is an actual crime, and its homework which is being worked on, so most of your contributions are being collected and processed since this is a public website and a public issue.

  20. Sinyoro0007

    hahahaha they apparently they want 1000 biticoin guys which is close to $2 800 000. HIT yagarira nhanzva apa. Munhu wese can now physically claim to be their graduate. Zvikwereti cancelled….kkk

2023 © Techzim All rights reserved. Hosted By Cloud Unboxed