Another high profile website hacked, this time it’s Fingaz

Staff Writer Avatar
Financial Gazette website hacking

We have been alerted by readers to the hacking of yet another high profile website in Zimbabwe, that of the Financial Gazette, www.financialgazette.co.zw. Our checks show that the website was hacked on Friday, 4 January 2013, and remains compromised at the time of posting this article.

Loading the Fingaz website right now shows the page in the screenshot below:

Financial Gazette website hacking

Some of you will probably notice that the hack, by a group called HighTech Brazil HackTeam, is similar to the one that hit the ZOL last week. And like the ZOL website defacement, this one also looks like a random attack on known content management vulnerabilities.

Our checks also show that the website is hosted internationally. The Financial Gazette, is one of the most read local weekly newspapers in Zimbabwe. Like other newspapers in the country, the media company’s establishment of online presence has not been smooth. Websites belonging to print media companies in Zimbabwe have been subjected to defacement in such random hacks.

Here are some examples in the past 2 years:

Thank you Greg Kawere

11 comments

  1. Dogstar

    My oh my…when are they going to wake and smell the rot in their code?

  2. Haki

    Can techzim investigate if these sites where designed by the same person/company ? this is pointing to the designers/developers of the site?

    1. tinm@n

      For most, as this one, it is clear as crystal.

  3. tinm@n

    Lesson number n+1 from the hacks: Backup daily. File & DB. Roll-back becomes “easy” in the event of such incidents.

    1. allan

      rollback to a unpatched, re-hackable site? not too smart!

      1. tinm@n

        You have no clue what I’m talking about

  4. kthaker

    gives a whole new meaning to the word “hackfest” 😀

  5. ngth

    I see a lot of developers on here pointing out flaws etc, but maybe the best plan is to help educate us. Could techzim solicit advise on improving web security from a development and hosting perspective, it could be a really interesting article and help us all learn at the same time.

  6. DotLiquid

    “Using known CMS vulnerabilities, they hacked the sites either through direct SQL injections or XSS by crafting code like It wont be hard to hack those sites with out of support Content management System and with exploits script available online.” – http://www.knowledge-republic.com/CRM/2012/12/case-study-on-www-pa-gov-sg-being-hacked-by-hightech-brazil-hackteam/

    1. Shady Echo $:19

      if direct sql injection was used i would shoot the person who did not do sql escaping, seriously!

  7. Zimbabwe Independent Website Hacked – The Zimbabwe Mail | The Zimbabwe Mail

    […] has been prey for hackers with websites of various publishers such as Fingaz and The Herald, and banking sector websites having been hacked at least once in the last few years. […]

Join Waitlist We will inform you when the product arrives in stock. Please leave your valid email address below.