advertisement

Harare Institute of Technology allegedly hit with cyber attack

advertisement
HIT-hack

Today, on whatsapp a screenshot with the Harare Institute of Technology website being shown as hacked started circulating. We tried to open the website to see the same thing as was in the picture but it failed to load. Chances are that the website has been taken down by HIT if they’ve found out what has happened hence it’s no longer opening.

advertisement

Since the website couldn’t open, we cannot say that they have been hacked as a fact because the website being down could be caused by something else and just be a coincidence. However, we also recently received the following email from the attacker.

HIT-hack-screenshot
Screeenshot that was circulating on whatsapp earlier

===============================================

advertisement

=             Last Life Hackers                                                 =

===============================================

*            RANSOMWARE LETTER                                       *

**************************************************************************

This is not a rape,

we are not molesting you,

we are not killing anyone,

we are not setting off bombs.

This is a ransom – and this is a targetted attack.

************************************************

We have shredded and deleted all your backups eliminating

all chances of recovery.

All of your sensitive files, databases and emails have been copied to

a remote server and all local copies have been encrypted using AES-256

and the originals deleted.

We encrypted 1.3TB of University data using salted AES-256 CBC, including emails dating back to 2013, all financial records, student aid records, the entire website and 56GB worth of MySQL databases. Daily incremental backups to a bastion server were misconfigured and have not for ages(wrong IP) hence all copies of backups which were on the same machine were destroyed.

AES is a symettric encryption, meaning you will get all of your data back

if you use the same key used to encrypt the files.

We require that you pay USD$999 for the decryption key and instructions on how to recover all your data.

Send an email to onmylastlife@protonmail.com before the 27th of June 2017 or we will

delete the encryption key and terminate the email account. We will also disclose instructions on how

payment should be sent via Bitcoin.

If you contact ProtonMail resulting in the closure of the email address or fail to pay

the ransom by the 27th of June – all of your files will be lost and we will dump the decrypted 56GB gzipped database online.

 

Remember!, this is simply a ransom, not rape or murder.

Contact: onmylastlife@protonmail.com

Email header: H.I.T ransom settlement

Greetings!!!

***************************************************************************************

As a sign of good faith: Here is the password used to encrypt your 600GB email

backup:

To decrypt the email backup run:

ENC_PASSWORD=”P09eJWHu0VjuH17dzXCPEuk5vmYZh+vbkPVDFd2+oRn6AEOpUPhSPCM3UjFgMBMq

gFmU4n7Wm6KDLSdZ9rH5eLa2OzuiPgwvTYaA2kMnJO9PKJUT8e6u3CQ+e2rRp5po

dg==”

cd /home/backup/

for f in $(find -type f \( -name “*.ransomed” \)); do echo “Decrypting $f … “; cat “$f” | openssl enc -d -aes-256-cbc -nosalt -pass “pass:$ENC_PASSWORD” | cat > “$f.orig” ; rm -f “$f”; done;

Sent with ProtonMail Secure Email.


Quick NetOne, Telecel, Africom, And Econet Airtime Recharge

If anything goes wrong, click here to enter your query.


WhatsApp Discussions

Click to join a Techzim WhatsApp group:
https://chat.whatsapp.com/BAKguGt02jgDcBO2YZoXuv

If you find the group full, please notify us on +263 715 071 199 and we'll update the link.


44 thoughts on “Harare Institute of Technology allegedly hit with cyber attack

  1. lol! i thought it was just a fake warning after they defaced the site. seems they got owned here…..

    1. Lack of qualified personnel. They’re only good at marketing themselves as well as claiming to be a top technological institute. A mere tiger on a paper.

  2. paita ashaya mari ye fees apa. With alll the records the hackers have why only ask for $999?

  3. We are not safe anymore- people are getting more greedy by the day. However, my theory is ” Hackers are the same people who design operating systems and know all the back-doors”. We will never win the game.

    1. Wrong – you don’t have to have written the OS to hack but an excellent knowledge of it helps. Hackers are usually sharp at both software and hardware/electronics engineering.

  4. TechZim you are next..backup your site before I attack it.

    oNmYLastLife (We are the Serbians)

    n0where.net/

  5. you can’t tell me that hit did not have a physical backup of the records. if thy do restore everything.

  6. Techzim ..did you interview people from H.I.T? Or you now operating like H-Metro? So you are say if i creat a text on whatsapp saying you were hacked does that make it real?
    Or you are saying everything on whatsapp is a fact

      1. so basically its a rumour? The why write “Harare Institute of Technology allegedly hit with cyber attack” as if you are certain

        1. I used the word allegedly because it is used to say that something is claimed to be the case or have taken place, although there is no concrete undeniable proof. I also stated in the article that the fact that the site is down could have been caused by something else. We have engaged people from HIT but we haven’t received a response yet.

            1. And also went there in the afternoon,asked the administration staff about it and they said yes its true it was hacked,

  7. From my own understanding with experience in the industry thats just general web defacing That message is just for cyber bullin and an intrest in social engineering.

    Go down on the ground and see. Systems at HIT are different , their website is just a front end system linking those systems

    1. There is nothing spectacular on that issue. Its not even a ransomware. Thats a hack and now they are doing social engineering

      1. i wouldnt be so sure. Today they brought the site back online for a breif moment but i couldnt access my results or emails or any of the elearning facilities except for the static home page,so yeah they hacked big time

  8. ..Plenty vulnerabilities on this site & can only be discovered by geniuses.. evil laugh mmmmmwaaaha ha ha ha ha 🙂

  9. its not the $999 they are after, these guys are testing the power of the I.T security of the H.I.T…. when the ransom is paid, something big will come up and they will demand more…
    common sense; watch scorpion the series

    1. Haha guys, people are watching too much Mr Robot, Silicon Valley and Scorpion Series whatever, so many of them, just so you know this is an actual crime, and its homework which is being worked on, so most of your contributions are being collected and processed since this is a public website and a public issue.

  10. hahahaha they apparently they want 1000 biticoin guys which is close to $2 800 000. HIT yagarira nhanzva apa. Munhu wese can now physically claim to be their graduate. Zvikwereti cancelled….kkk

Comments are closed.