South African government websites hacked

Script kiddie hack. Hardly impressive. Same as that retarded Turkey group that go around calling for Jihad on the jews.
 
I really hope SA can build the offensive capacity, real quick! If these stupid inferior countries with script kiddy hacking skills can go down this way, who know how far they'll take this. This is uncalled for. It's not about whether the ISP has implemented adequate security or not, it is not an open invitation for anyone to destroy property. They (hackers) need a deterrent!!!
 
morocco... western sahara... i fail to see the connection.
as for those 90's 1337 gr4phics, that needs a serious update.
nobody's going to take you seriously with such poor design skillz.
take pride in your work, dammit.
 
She said the department was not concerned that the hacker could have accessed sensitive information. “No sensitive information is on the website,” she said.

The only sensitive info. the SA govt. regard as being important, is whether the president's office reveal or hide the real reasons behind Mandela's stay in hospital. That's all that seems to concern them.
 
I think this guy has his countries mixed up.

That happens a lot because Geography don't seem to be taught in schools anymore.

If you ask people from overseas if they know where SA is, they answer "Yes, that is right next to Egypt." :D
 
Ignorant comment!

Joomla... what do you expect

What an ignorant, uninformed comment @ Blunt!. If SITA isn't keeping their scripts up to date and properly patched and if they aren't using mod_security with a proper ruleset, one can hardly blame the CMS. Joomla is a bulletproof CMS that's growing in leaps and bounds with every new version...the same cannot be said for anything by Microsoft.
 
South African never take technology serious. thats why we are lagging behind
 
What an ignorant, uninformed comment @ Blunt!. If SITA isn't keeping their scripts up to date and properly patched and if they aren't using mod_security with a proper ruleset, one can hardly blame the CMS. Joomla is a bulletproof CMS that's growing in leaps and bounds with every new version...the same cannot be said for anything by Microsoft.

You are obviously clueless about Microsoft Offering, SharePoint makes anything Joomla does in the baby league.
There are more security holes in Joomla/Drupal a month than SharePoint in years. Careful what you say, stats are against you.
If Joomla was so secure, why do we so many hacks on them?
 
You are obviously clueless about Microsoft Offering, SharePoint makes anything Joomla does in the baby league.
There are more security holes in Joomla/Drupal a month than SharePoint in years. Careful what you say, stats are against you.
If Joomla was so secure, why do we so many hacks on them?

Please Jnr...I got my MCSE when NT 4 was in town, got MCDBA with MSSQL 7 back in 2000...I know Microsoft products extremely well...but the Joomla platform, ecosystem and frequency of updates is unbeatable and nothing sharepoint does can compare. The versatility, price, extensibility of Joomla blow Sharepoint out of the water in every respect. It's not Joomla itself that's not secure, it's the many thousands of extensions that get written for Joomla that may not be up to scratch. The developers do however respond rather quickly to security alerts...the same cannot be said about Microsoft and their lethargic patches.

There are also very many security systems to secure Joomla/Wordpress/Drupal from known exploits and the open-source world is extremely adept at responding within hours to security vulnerabilities as and when they arise. So, I repeat, it's ignorant in the extreme to blame Joomla for being vulnerable when the security bulleting categorically states that as of version 2.5.8 of Joomla, there are no known vulnerabilities...when one is found, it will be immediately patched and not hidden in layers of bureaucratic corporate obfuscation.
 
CritiKill:
Joomla itself had many security exploits and it is quite possible that there are still many to be found. The last time I worked with Joomla, back in 2010, they had pretty insane vulnerabilities in the Joomla base.

v2.5.8 as you states may not have security vulnerabilities, but it has only been released like a month ago!

If you're going to be running Open Source CMS, then you are prone to attacks - unless the guys really made sure from the start that all input is validated and escaped properly.

It's a shame the ANCYL's website wasn't amongst those being hacked ;)
 
Bottom line is whatever you run if you dont constantly patch it/keep it up to date, change default passwords, remove standard scripts/examples etc you run the risk of being hacked. All products are full of security holes.
 
What an ignorant, uninformed comment @ Blunt!. If SITA isn't keeping their scripts up to date and properly patched and if they aren't using mod_security with a proper ruleset, one can hardly blame the CMS. Joomla is a bulletproof CMS that's growing in leaps and bounds with every new version...the same cannot be said for anything by Microsoft.

http://www.joomlaexploit.com/ - that's the worst "bullet proof" device I've ever seen.

It is the age old problem of open source community driven projects. Exploits are aplenty due to plugins developed by "PHP Developers" who think they are programmers because they can hack together something that works.

// Edit : Not dissing PHP developers, I am one myself, I'm against the overwhelming amount of people who call themselves PHP developers because they can install Joomla/WP and edit some PHP files or knock together a basic plugin.
 
Last edited:
'The social development department’s web address www.population.gov.za opened to a black page with a window containing the animated graphic “Website hacked by H4ksniper” and a graphic depicting a heart rate monitor on Sunday morning.'

Translation:

'Someone ran in and posted a poster over our sign, then ran out shouting something about Moroccan food'

That is of course if the people in charge had not secured their back-end correctly. Heck. I've done do that with Joomla, And I'm a Middleware Developer. But seeing as this is a government site...

Speaking of Moroccan food - is it me or is anyone else also in the mood for some decent Lamb with Apricots? Or Tabbouleh?
 
'The social development department’s web address www.population.gov.za opened to a black page with a window containing the animated graphic “Website hacked by H4ksniper” and a graphic depicting a heart rate monitor on Sunday morning.'

Translation:

'Someone ran in and posted a poster over our sign, then ran out shouting something about Moroccan food'

That is of course if the people in charge had not secured their back-end correctly. Heck. I've done do that with Joomla, And I'm a Middleware Developer. But seeing as this is a government site...

Speaking of Moroccan food - is it me or is anyone else also in the mood for some decent Lamb with Apricots? Or Tabbouleh?

Following on from my post I feel this is the primary issue - people employ companies who provide Joomla websites and more often than not these Joomla companies are fairly clueless about security/programming due to their knowledge stretching as far as installing joomla, adding plugins and then mostly CSS/xHTML to make the Joomla sites look good.

Perhaps some bitterness on my part due to the amount of customers I have to rescue from Joomla sites that have been hacked to pieces - but it's a problem.

If you're a qualified developer who actually knows what he/she is doing and you set up Joomla, fine. But from my experience - most are not.
 
Yup. What Greg said. Bad config and zero maintenance are how you get hacked. And of course there's never any backup strategy. If you don't want to pay for experience, be prepared to be the guinea pig.
 
@ Blunt - I feel where you're coming from, but I also feel that Joomla and Wordpress are two of the most digitally empowering platforms in the history of online media. To knock the open-source ecosystem is disingenious as the ability to view a developer's code is both a curse and a blessing and in my opinion, this is the open-source market's greatest asset. It means that software is constantly being scrutinised, reviewed, dissected, improved and extended.

To blame the CMS when there are numerous ways to secure a hosting environment from almost all known and unknown threats is unwise. I use Atomic Secure Linux on all the servers which I host and it has made my hosting environment for Joomla and Wordpress virtually impenetrable (zero successful hacks in 14 months since using it). The issue is not just sloppy developers, but sloppy server administrators who don't even have basic server security in place like mod_security or cphulk or CSf firewall or suexec or any form of system hardening in place. I've learnt the hard way about network security as my Joomla sites were routinely hacked...now I've learnt quite a few tricks of the trade which go beyond perimeter security, but also application, OS, shell and environment security.

All I'm saying is that SITA are slackers and the exploit used to achieve this hack has probably been patched aeons ago but governmental lethargy and a cavalier attitude towards security is to blame...certainly not the CMS Joomla.
 
Back
Top