In recent months, each time we’ve posted an article about a high profile website being hacked – such as the story about Fingaz today – what follows is a number of tweets, emails and phone calls with readers basically ask: What’s going on? Why has the hacking increased so much? Why are Zim websites being targeted?
We attempt to answer these questions in this article. You can also add your views, thoughts and questions about the situation in the comments below.
No, no one’s maliciously targeting Zimbabwe
No, no one is targeting Zimbabwean companies and websites. We have observed that all of them so far are random defacement. This is why for example you will find that the same hackers that hit the ZOL and Fingaz websites also hit hundreds of other unrelated websites globally with the same defacement message around the same time.
Specially targeted attacks are more brutal than these random hits. A good example is “Operation Avenge Assange”, an attack on PayPal and other websites which was executed by the “Anonymous” hacking group to avenge attempts by some governments and global companies to cripple Wikileaks funding. More here: Operation_Payback#Operation_Avenge_Assange.
No, the rate of hacking has not increased at all
What we see increasing is the number of new Zimbabwean websites. Which is really great we should add, all thanks to free open source tools that make anyone who can use the internet a creator of content able to start their own website. More websites however means more of them can be hacked but that doesn’t mean at all that the rate of hacking has increased.
The hacking is just reported more than before
Website hacking and defacement is not a new phenomenon. It’s been happening to websites locally and globally since the internet came to be and some actually suggest the unscrupulous practice has seen a decrease in recent years. Lately however in Zimbabwe’s case, blogs like us report these cases more. In the past, such issues would just go unreported.
Just to underscore that point, we’ve inserted at the bottom of this article a list of the websites of some known Zim brands (the .co.zw ones at least) that have been hacked since 2001, the majority of which were never reported in the news.
Why do hackers hack websites?
For numerous reasons; some do it purely for fun, some to tests their newly acquired knowledge about computer security, some as a form of Hacktivism to protest political decisions or military conflicts, some out of revenge or to discredit a brand/individual and some just to prove a website is hackable.
How can you protect yourself?
We have an article here on Techzim published several months ago, which goes into how you can best protect yourself. The advice there still applies. But basically our advice is that if you don’t have the skills to keep your web properties secure (and if you can’t be bothered learning how), then please consult people who have a proven track record in securing internet properties.
If you still have any questions about website hacking and defacement, please enter them in the comments section below, and we (& other readers) will do our best to answer you.
List of some defaced websites since 2001
Please note that we’ve listed just 76 defaced websites out of over 1,000 websites archived on Zone-H.org. Also keep in mind that it’s just the .co.zw domains listed – a lot of Zimbabwean companies have .com domains because of the difficulties of registering a local domain. Lastly, note that Zone-H itself relies on submissions by people (mostly the hackers themselves we’re guessing), which means hacks not submitted to the archive are not listed.
| Website address | Company | Defaced Date |
| www.classifieds.co.zw | Zimbabwe Classifieds |
29-Apr-2001 |
| www.cbz.co.zw | CBZ Holdings |
29-Apr-2001 |
| www.netone.co.zw | NetOne |
2-Jul-2001 |
| www.rbz.co.zw | Reserve Bank of Zimbabwe |
13-Aug-2002 |
| www.nokia.co.zw | Nokia Zimbabwe |
24-Sep-2002 |
| www.metbank.co.zw | Metropolitan Bank |
2-Nov-2002 |
| www.dairibord.co.zw | Dairiboard Zimbabwe |
2-Nov-2002 |
| www.sage.co.zw | Sage Pastel Zimbabwe |
2-May-2005 |
| www.iobz.co.zw | IOBZ |
2-May-2005 |
| www.mukonitronics.co.zw | Mukonitronics |
2-May-2005 |
| www.pastel.co.zw | Pastel Zimbabwe |
2-May-2005 |
| www.doves.co.zw | Doves |
2-May-2005 |
| www.fabs.co.zw | FABS |
2-May-2005 |
| www.csc.co.zw | CSC |
2-May-2005 |
| www.venekera.co.zw | Venekera |
2-May-2005 |
| www.zabg.co.zw | ZABG Bank |
2-May-2005 |
| www.chips.co.zw | Chips Computing |
2-May-2005 |
| www.chronicle.co.zw | Chronicle |
2-May-2005 |
| www.clan.co.zw | Clan |
2-May-2005 |
| www.toyota.co.zw | Toyota Zimbabwe |
2-May-2005 |
| www.afrosoft.co.zw | Afrosoft |
2-May-2005 |
| www.zol.co.zw | Zimbabwe Online |
24-Jul-2005 |
| www.renaissance.co.zw | Renaissance |
10-Feb-2006 |
| www.mdczimbabwe.co.zw | MDC |
19-Apr-2006 |
| www.kingdom.co.zw | Afrasia Kingdom Bank |
16-Sep-2006 |
| www.hifa.co.zw | Harare International Festival of Arts |
6-Feb-2007 |
| www.truworths.co.zw | Truworths |
5-Jul-2007 |
| www.dawnproperties.co.zw | Dawn Properties |
28-Jul-2007 |
| www.posb.co.zw | POSB |
28-Jul-2007 |
| www.jaggers.co.zw | Jaggers |
28-Jul-2007 |
| www.idbz.co.zw | Infrastructure Development Bank of Zimbabwe |
28-Jul-2007 |
| www.nmbz.co.zw | NMB Bank Limited |
18-Aug-2007 |
| www.genesisbank.co.zw | Genesis Bank |
30-Nov-2007 |
| www.highlandersfc.co.zw | Highlanders FC |
28-Apr-2008 |
| www.agrifoods.co.zw | AgriFoods |
27-May-2008 |
| www.telco.co.zw | Telecontract |
27-May-2008 |
| www.celsys.co.zw | Celsys |
9-Sep-2008 |
| www.nationalgallery.co.zw | National Gallery of Zimbabwe |
9-Sep-2008 |
| www.mars.co.zw | MARS Zimbabwe |
3-Oct-2008 |
| www.kia.co.zw | KIA Motors |
3-Oct-2008 |
| www.supreme.zabg.co.zw | ZABG Bank |
24-Sep-2009 |
| www.sage.co.zw | Sage Pastel Zimbabwe |
24-Sep-2009 |
| www.europcar.co.zw | Europcar Zimbabwe |
24-Sep-2009 |
| www.rooneys.co.zw | Rooney’s |
24-Sep-2009 |
| www.techzim.co.zw | Techzim |
13-May-2010 |
| www.kia.co.zw | KIA Motors |
14-Jun-2010 |
| www.microman.co.zw | Microman |
14-Jun-2010 |
| www.stuttafords.co.zw | Stuttafords |
14-Jun-2010 |
| www.zimrights.co.zw | Zimrights |
15-Jul-2010 |
| www.eatout.co.zw | EatOut Zimbabwe |
6-Oct-2010 |
| iran.iranembassy.co.zw | Iran Embassy |
4-Jan-2011 |
| www.zse.co.zw | Zimbabwe Stock Exchange |
13-Mar-2011 |
| www.belina.co.zw | Belina Payroll |
12-Apr-2011 |
| www.nicozdiamond.co.zw | Nicoz Diamond Insurance |
16-Apr-2011 |
| www.cloverleaf.co.zw | Clover Leaf Motors Group |
11-Sep-2011 |
| www.rminsurance.co.zw | RM Insurance Company |
13-Sep-2011 |
| www.brontehotel.co.zw | Bronte Hotel |
27-Jan-2012 |
| www.safeguard.co.zw | Safeguard |
27-Jan-2012 |
| www.eset.co.zw | ESET Zimbabwe |
15-Mar-2012 |
| www.zinwa.co.zw | Zimbabwe National Water Authority |
22-Mar-2012 |
| www.proplastics.co.zw | Pro Plastics |
30-Mar-2012 |
| www.kingstons.co.zw | Kingstons Holdings |
30-Mar-2012 |
| www.dailynews.co.zw | Daily News |
1-Jul-2012 |
| www.mazda.co.zw | Willovale Mazda motor Industries |
9-Jul-2012 |
| web.telecel.co.zw | Telecel Zimbabwe |
19-Nov-2012 |
| www.zinara.co.zw | Zinara |
22-Nov-2012 |
| www.greenfuel.co.zw | Green Fuel |
6-Dec-2012 |
| www.nicozdiamond.co.zw | Nicoz Diamond Insurance |
10-Dec-2012 |
| www.cabs.co.zw | CABS |
16-Dec-2012 |
| www.delta.co.zw | Delta Corporation |
23-Dec-2012 |
| www.uz-ucsf.co.zw | University of Zimbabwe-University of California San Francisco (UZ-UCSF) Collaborative Research Programme |
23-Dec-2012 |
| www.herzimbabwe.co.zw | Her Zimbabwe |
24-Dec-2012 |
| www.zol.co.zw | Zimbabwe Online |
28-Dec-2012 |
| www.zimnatlife.co.zw | Zimnat Life Assurance |
31-Dec-2012 |
| www.bennysburgers.co.zw | Benny’s Burgers |
3-Jan-2013 |
| www.firstel.co.zw | FirstTel |
4-Jan-2013 |
Comments
43 responses
You are very wrong to think that hackers are not targeting Zimbabwean companies and websites. If you worked for ISPs, seen what they have to deal on daily basis with you will understand
mmmmm, i still think most of these hacks are automated. this “Hackeado por HighTech Brazil HackTeam” (google it) team has defaced ‘hundreds’ of seemingly random sites this past week. hardly seems like they were targeting anyone is specific, most likely, they are scanning (using some bot) for sites with a specific vulnerability and then exploiting it.
Hackers are targeting Zimbabwean sites, but they are not SPECIFICALLY targeting Zim sites, its part of a large scale hacking systems that doesnt necesarily target Zim sites only, the practice is not exclusive to Zim
http://www.zone-h.org/archive has a list of the most recent defaced websites.
The list of 100 most recently defaced websites today doesn’t even have a Zimbabwean website in it. it’s
36 United States
9 Germany
9 Poland
9 Netherlands
7 Hungary
5 Malaysia
3 Finland
3 Indonesia
2 Greece
2 Denmark
2 Canada
2 UK
1 Cuba
and so on…
This is the most honest response. Yes sites have been hacked and stuff but the truth is Zim sites are being targeted.
i dont think http://www.classifieds.co.zw was even in existance in 2001?
in most cases, hacked/defaced websites are just a front for what actually happens in the background of the server itself. you will find scripts that mass mail, scripts that DDOS other websites and server IP’s, as well as scripts that are used to hack other sites.
According to this archive it existed: http://www.zone-h.org/mirror/id/12326
But maybe they got the dates mixed up or something
yeah, i reckon the dates arent correct. or someone had been using that domain name before the current classifieds site… zone-h is an interesting website in any case 🙂
http://i45.tinypic.com/2w7n68w.jpg%5B/IMG%5D
Classifieds.co.zw was definately up m8
sweet! seeing that screenshot, reminds me of the good ol’ 56k days. i.e napster 🙂
and geocities, altavista, excite!… and the floppy… gone too soon
it did exist. i closed it down for many years after that before starting it up again.
OMW Delta website runs client-side Java?!!
(gag)
Nice article, by the way
Hats off sir. If they don’t take heed to your counsel or critic ignore them and leave them like that. You laid it plain and simple. Take it or leave it, if you are hacked, “indaba zako wena”.
What websites havent been hacked 🙂
I’ll give a dollar to any zimbo who can do anything with mine.
Give us the website!…. Give us! (jumping up and down)
🙂
Lol. You guys are funny. I was joking. I don’t own a live site currently. I will be sure to give it to you for testing purposes. I will hold my promise though, a reward for anyone who can.
On a seperate note, why can’t I post a comment (my own, not a response) on this site? @kabweza, am I blocked?
thanks for the notification. Comments were caught up in anti-spam queue. just released them.
That just killed the excitement. The reward of bringing down something that is claimed to be secure on invitation is certainly worth more than the dollar… ah well…carry on… i’ll hack my own
Hacking…hobby or profession?
obsession
You think you can hack? Try http://www.mbcanet.co.zw and gimme feedback
how much do i get, if i show you the security holes in ur site?
is this ur Website kid
whats ya web adress son?
keep ur dollar n leave the link here.will do it for free..
#challenge_accepted.
The other thing is Zimabwean comapnies’s inability to tell a real developer from none if u check these websites they will probably end up going back to one ot 2 developers someone correct me
A lot of people are masquerading as developers when they are not its simple lack of knowledge.How can u think someone will develop a site for 30usd and how many pple are getting those sites or even 200usd for that matter daylight robbery of the unsuspecting client
UZ website is down as well
yeah, that hack was specifically targeted the Herald.
Soul;
Great article and insight about the trend of the hacking in Zim.However, I beg to differ on this point you raised ” No, the rate of hacking has not increased at all”.
Generally, the trend of hacking is increasing across the globe with Africa or Zim being part of this trend.This trend will continue to increase as Africa adopts more technology and faster internet.
So most organisations in Zim need to adopt the basics of enterprise security at the application, infrastructure, database, people and process layers.
thanks @88ec0d37a66984288b18255b7a5dd2de:disqus
Just to clarify, i don’t think the rate has increased but i do think the number of hacked websites locally is increasing for the reason that there are more websites being created.
I however still don’t think Zimbabwe (or Africa) is getting the majority of the hacks. The data is just not there to support this. The little data available, like that on Zone-H suggest that most defacement is are actually happening on US hosted websites.
A quick check for example of the most recent 200 defaced websites globally (those submitted to Zone-H at least) this morning shows:
USA 66
Germany – 19
Brazil – 16
Singapore – 14
Turkey – 8
Australia – 8
Denmark – 6
Argentina – 5
UK – 5
Poland – 5
Croatia – 5
Canada – 4
Hungary – 4
Ukraine – 3
Serbia- 3
Romania- 3
Vietnam- 3
Chile – 2
France – 2
Slovenia -2
etc…
If you can find data that shows the hacking of Zim & Africa sites is on the increase, then let’s look at it. The issue may be that network admins & ISPs staffers in Africa are finding a lot of hack attempts on their networks and take this to be a new phenomenon that its is not.
Kabweza;
Thanks for referencing H-Zone. This site is a reflection of sites being defaced and most of the guys who report here are not the new and advanced breed of hackers. The new breed of hackers thrive of Advanced persistent Hacks mainly driven by gain or profit. Their aim is not to eventually hack ZIm ICT infrastructure but to use it as a lunching platform for performing massive DDOS attacks on their targeted attacks in other continents. The reason for using Africa’s infrastructure is because the ISP are still backwards and that their is not centralised Computer Security Incident response center in Africa. If my memory serves me well, I think SA , Kenya and other 2 countries haves a CSIRC.
Targeted hacking is not about page defacement. Page defacement is for the naive and those testing their skills in the game. Most advanced hacking techniques go un-noticed because those who perform them know that the rule of the game is ” do not leave any traces”
There is a lot of research out the reflecting the increase of targeted attacks in Africa. The problem is most African countries at the moment don’t know what is lying under the carpet due to lack of awareness, investment and regulation around security,
Some guys in South Africa published a good research on the threat barometer 2013 and there is a section on where Africa Stands on CyberSecurity . Have a read and see where you will stand after wards:
http://issuu.com/cybershield/docs/sa_2012_cyber_threat_barometer_medi_20121105104135
Finally, I am very confident that hacking is on the increase in Zim and Africa as a whole. It’s a matter of time before we realise huge financial and reputation implication of hacking on some of the major industries such as banking, transport, Energy/Utilities, Education etal:
http://www.itnewsafrica.com/2012/10/cyber-crime-costs-south-africa-r3-7-billion/
http://cybercrime.org.za/
I agree that hacking particularly that of defacement is on increasing. I just don’t agree that the percentage of defaced websites out of overall number of sites is increasing.
In terms of African internet servers being used as Zombies or platforms to launch attacks, I think it’s not clear in the article (my bad) that that is not the issue being discussed by the article. The article is talking about the recent attacks on many high profile websites that seem to show hacking in the form of defacement, is on the increase.
Other forms of hacking, like stealing data from financial institutions, customer records, etc.. are indeed most likely to be on the increase, especially if prospects on monetizing these efforts become higher.
I am surprised that banks are on the list. They should have tighter security.
My 2c on this is that Zimbabwe is now becoming more connected to the WWW. As we move towards more online real time processing systems also joining the WWW gravy train like financial institutions like banks, credit providers (Truworths, Edgars, etc), Econet(checking your bill, list of calls, etc) etc, we will see hacking more for financial reasons.than for fun. PayGate in SA had their systems broken into some weeks ago. Soon FBC Kingdom bank, etc will feel these guys one way or the other.
Yeah you are wryt man Worse of all just 2 years ago EC-Council has Accreditted a couple of Institutions to train what they call Certified Ethical Hacking…….More Hacks are coming…..Watch the Space
MSU website, you cant hack it. The most widely used Tertiary Education website in Zimbabwe
Jon Koni there isn’t a Website which can’t be Hacked….
.
We are a group of volunteers and opening a new scheme
in our community. Your web site offered us with
helpful helpful and paintings on . You have made an impressive job and our all the neighborhood
will probably be grateful to you .
Unquestionably imagine that you said . Your favorite
reason appeared to be on the web simple thing to have in mind of .
I tell you , i definitely annoyed at the same time while
think worries clear that not understand about . You controlled and also out on all managed to
hit the nail on the top without having side-effects , people could take a signal.
Will probably be again to get more. Thanks