Today we woke up to the tip that the website of one of the largest internet service providers in the country, Zimbabwe Online (ZOL) had been hacked. Checking the website, we got the screenshot below:
From the message on the website, the hack was apparently done by a Brazilian group called “HighTech Brazil HackTeam”. The group is reported to have delivered a flood of attacks on hundreds of websites worldwide.
The hacking of the ZOL website, like other hacks of company websites in previous weeks, does not appear targeted at the company, and the effect is likely not more than the defacement itself. It’s surprising however that an ISP’s website would get hit randomly like this. You’d expect them to have tight web and internet security in place to avoid such attacks.
The ZOL website uses the Joomla content management system (and no, we’re not implying Joomla is to blame). We have noticed that attempts to restore the website are going on but not completed as it’s currently giving off errors like the one below:
Warning: file_put_contents(/xd1/homes/hash/47/50/a15047/82/60/u66082/zol.co.zw/www/templates/rt_omnicron_j15/css/css-40f17087ce1ece23792db40edf118620.php) [function.file-put-contents]: failed to open stream: Permission denied in/xd1/homes/hash/47/50/a15047/82/60/u66082/zol.co.zw/www/libraries/joomla/filesystem/file.php on line 298
20 comments
Could be a specific CMS hole being exploited across different sites.
your right joomla isnt totally to blame its likely just incompetent web teams not updating joomla or joomla modules quickly enough when security flaws are found
that or the site was developed to such poor standards that its impossible to update the site without updates to core joomla breaking things…
whats the betting that they just restore the site and dont even fix the vulnerability that allowed the hack in the first place?
Eish. Lets hope its just defacement without any data having been stolen. I see the site is now up but ZOL hasn’t clarified yet (at least on their site).
Very embarassing for an ISP because it reflects badly on their core business. But, show me a person who claims to be 100% secure and I will introduce you to a clueless idiot. These things happen but we expect better from the likes of ZOL. Can they not replace it with a plain HTML page or at least redirect? The worst thing is the response, like someone commented another similar article
There’s a silver lining though. The greatest benefit of all these recent attacks is that people are becoming more security-aware. They will start pondering over it. Its no longer a scene from a movie or a news of some unlucky company in the US. The threat is real…and our celebrated broadband is double-edged: the whole world is accessible and so are we!
Interesting times ahead!
Whoops
I experienced hack like this back in the day on one of my old sites tsn.co.zw the site is closed now what I learnt was that each time you use an open source CMS or tool like Joomla or WordPress. change default admin usernames or passwords or security settings. check regularly on forums for security vulnerabilities and patch them up as soon as possible. Unfortunately some hacking groups find a loophole in things like Joomla and deface a few websites before the fix is available. Sometimes its the way mysql is installed relying too much on default common settings, ports and weak passwords.
Lol,
I have been in their position more times than i would like to remember.
FYI, although there are things that people can do to reduce the risk of getting hacked. Nothing is rock solid. And no-one is 100% safe. Not even the Pentagon, Governments or multinational corporations that invest BILLIONS of dollars on high-end security systems. Some of these organizations hire some of the best tech minds in the world, but still get hacked.
All one can really do is apply security patches, secure their servers and wish for the best. As long as you are connected to a network you are at risk.
Oh!… and have a good team of guys on stand-by to respond to any issues when they do occur.
Im guessing they were running joomla 1.5?…Their site kinda looked and felt dated last time I visited it. Now its giving me a connection error. Ofcourse Im not blaming joomla..I love it, but you’d think a multi million dollar company would at least keep up with the times in hopefully trying to deter hackings like these. Peope would be way more sympathetic to ZOL had it been a targeted hack because that would mean someone spent day and night trying to break into their systems but here its just a random blast and such a large isp got caught up in it. Pathetic.
Oooops, that had to hurt.
The Fingaz site is also down and out
http://www.financialgazette.co.zw/
These site should fix the Joomla vulnerability being exploited in the wild by applying the appropriate patches.