40 Sensitive Government Websites got Hacked

Indian hackers’ group, called ‘Indian Cyber Army’ is claiming to have gained root access to one of main servers hosting major Pakistani Government websites, said an email sent to ProPakistani.

This server was reportedly hosting at least 40 government websites of sensitive nature, including Pakistan Navy, NAB, Ministry of Foreign Affairs, National Assembly, Pakistan’s Military Account, Ministry of Science and Technology, AGP, FAB and others.

This web-server, reportedly hosted with NTC,  has a total of 162 government websites hosted on it, out of which at least 40 website were effected out of this hacking attempt.

Other websites hosted on this server (and were not hacked – but are in danger) includes PTA (Pakistan Telecommunication Authority), Pakistan’s Official Portal, MFA, ABL and others. Complete list can be viewed here.

Hackers didn’t deface the websites, instead inserted a file to just let the webmasters know that they had successfully rooted their servers and could deface the websites as well.

This is a warning for webmasters to secure their websites before its late.

This hacking attempt is said to be related with 26/11. Earlier, Indian hackers had threatened on various forums to deface major Pakistan websites as protest against 26/11 incident.

This is not the first time that Pakistani websites got hacked. This is the time now that the Government of Pakistan should add more professionals to shield its cyber security to protect country’s sensitive data available over internet.

It merits mentioning here that the major crew member and founder of Indian Cyber Army, named rAsCal, was not part of this hacking attempt, as shown by the credit at hacked pages.

Following is the list of hacked websites:

  • http://www.nab.gov.pk/indian.html
  • http://www.paknavy.gov.pk/indian.html
  • http://www.mofa.gov.pk/indian.html
  • http://www.na.gov.pk/indian.html
  • http://www.sindh.gov.pk/indian.html
  • http://www.pastic.gov.pk/indian.html
  • http://www.nrb.gov.pk/indian.html
  • http://www.nfdc.gov.pk/indian.html
  • http://www.sindhpolice.gov.pk/indian.html
  • http://www.pcb.gov.pk/indian.html
  • http://www.niopk.gov.pk/indian.html
  • http://www.neas.gov.pk/indian.html
  • http://www.navtec.gov.pk/indian.html
  • http://www.dgto.gov.pk/indian.html
  • http://www.msa.org.pk/indian.html
  • http://www.topians.edu.pk/indian.html
  • http://www.usc.com.pk/indian.html
  • http://www.vepcon.gov.pk/indian.html
  • http://www.pifra.gov.pk/indian.html
  • http://www.pmad.gov.pk/indian.html
  • http://www.pwd.gov.pk/indian.html
  • http://www.pcret.gov.pk/indian.html
  • http://www.pmnh.gov.pk/indian.html
  • http://www.pcrwr.gov.pk/indian.html
  • http://www.pcsir.gov.pk/indian.html
  • http://www.agp.gov.pk/indian.html
  • http://www.alp.gov.pk/indian.html
  • http://www.pha.gov.pk/indian.html
  • http://www.census.gov.pk/indian.html
  • http://www.cga.gov.pk/indian.html
  • http://www.cii.gov.pk/indian.html
  • http://www.cmsindh.gov.pk/indian.html
  • http://www.cmtl.gov.pk/indian.html
  • http://www.environment.gov.pk/indian.html
  • http://www.eadtraining.gov.pk/indian.html
  • http://www.enercon.gov.pk/indian.html
  • http://www.thenucleuspak.org.pk/indian.html
  • http://www.fab.gov.pk/indian.html
  • http://www.fgehf.gov.pk/indian.html

  • none of the above mentioned URLs are genuine web address of pakistani officials website. all of them have “/indian.html” at the end of URL, it shows that this is the address of specifically created web page.

    please type the URL without “/indian.html” to see original web page.

    • You are right danish but one must have access to create such page. As the pages were created means Indian hackers had gained some sort of access to these websites through a security hole on the server.

      As none of above pages are accessible now so it means that the pages have been removed by Pakistanis but they will have to spot out the root cause, i.e. the security hole and do something about it so Indian are not able to do such act again.

  • There is no one in our cyber or IT Department….Its more than 24 hours the incident took place and still the pages are there….

  • I don’t understand why official government site host on staminus.net already bad comments over internet about there service

  • yar yeh kia sun rha hon k India ne Humari Pakistani Sites hack kr di…
    Ab Hum Pakistaniyon ko mil kr kuch krne padega in ka muh torh jawab dena parhega..
    So Mere Hacker Brother’s Aj hum sab ko mil kr in ka muh torh jawab dena parhega ap mujhe msg krein meri id pr i m waiting 4 My hackerz brothers…Thnx

    • The solution may lie in first making the security of Pakistani websites better so no one from outer world can do this kind of stuff.

      Internet security is a difficult subject, no site can be called saved from any kind of intrusion or denial of service attack. But we can definitely do much better by hiring the people who are suitable for the job.

      But for that long practiced trend of hiring unqualified people via preferring personal contacts will have to go away.

  • It is not good news . There could be aid to Indians involved in hacking our web sites. no matter we should protect our websites. what kind of protection given by these ISPs and web host. Pakistan should develop fire wall and his own server security. this is sham full in syber world.

  • Im not convinced that 40 different institutions web pages and related sensitive information is on a single server.

    • Never-mind we can be so much dumb to do such blunders. However I agree, how could these all Orgs share just one server for all that data.

      Don’t we have separate IT department for all of these organizations or at least some of em.

  • hahahaha ICA AKA indian c___ army,
    dude dude dude. you have done such a thing we wont you to do now wait and watch.we will dirty our hands by ur indian site blood
    we have hacker ur cyber cell,indian police and BSNL webs your seurity sucks.
    Pak_ghost(urduhack security killers)

    [Comment Edited]

    • Good point! Wesay tu hum her ghalat kaam ker saktay hain? But when it comes to doing something wrong for the right cause, sab bekaar perh jaatay hain.

  • Well Well Well.
    They hacked our government sites by gaining access to a server.
    They r big liers.For those who dont know hacking this is something very big but not for us.
    That server hosted 156 gov.pk sites,out of which 40 were hacked.The server was NT based and not linux based.So the chances of rooting is very low.They can gain access to these 40 sites by 2 methods.
    1-They hacked a single site and that site user was running 40 sites with same username.
    2-The hacked sites were running WebDev on IIS 6.

    Leave everything a side.Let me tell you people that this time indian got a big defeat.
    In reply to their 450 sites.Pakistani hackers hacked more than 1000 sites.
    Out of which
    PCA hacked 500
    CyberHax0rs hacked 350
    Predators Pk Hacked 320
    PakCobras Hacked more than 50.

    And yes i agree to wat Osama said.There is no one in our Cyber IT department. Those who r there have not much knowledge about advance hacking techniques.

  • Pakistan Govt. should make an IT team consisting of highly IT educated persons. The purpose of this team should only be to manage security of all PK official websites.

  • Simple defacement , Local file inclusion 90lfi , remote file inclusion 9rfi), mass defacement , Exploits , Sql injections , database corruption , thats all about they say HACKING WEBSITE … and what the scenario here is they have bought hosting from the same hosting company Paki sites hosted at and then uplaoding shells to their site , doing some tweaking , doin rfi n lfi , including india.html anywhere and thats it ..

    is this u script kiddie call WEBSITE hacking lol ..

    what it cost , an hour of wastage of time for security tweaking thats it …

    cum on grow up !

  • I think Pak Govt should hire Paki Top Hackers and let them secure their servers, (not for hacking others website)

    • Firstly Govt sites are mostly hosted by NTC and COMSATS. After 5 months the bug is still there at ntc main server beside my mail to Engr. Siddiqullah, General Manager (IT & Data Comm), NTC. Even they not responded to my mail. Big Lazy Boys ….

      Secondly, FIA got arrested few members of Pakbugs, who were actually defending their country… so sad. Hai na?

  • Its not the time to go and hack their sites in response, its time to secure our own sites first.

    First we need to ensure that our sites are secured then only then we can think to respond back. else today they have hacked 40, maybe tomorrow it can be 400.

  • If our website is hacked this does not mean we have not ability to Respond.The whole world knows how powerful the nation is paksitan.before this gov web sites defecment pakistani hacker hacked in 1200 indians web sites. we hacked BJP Web site Nehor web site 5 top Hackers forums. Indians Media Web sites All site on the Record in Google.We R alreday Fighting Cyber War the indians Started Against Pakistan. Indians hacked pk gov web sites its does not mean that we are weak.its Our gov Weakness they are hosted Web sites on Cheap Web servers.All Pakistani Nation Should Understand Pakistani hackers is a big Power on the internet.indians Revenge get soon they ‘ll Never Ever Forget.Now the Pakistani government should strictly protect their sites.We had told them the same day when the problem was Created. We are happy he’s focused on our web sites and all have fine again.Indian now wants to be prepared.They did what they must be given a reward.

    • @HEX786

      I would like to mention here that it might be possible that the person responsible for govt sites security is putting his best efforts but he might not have enough knowlege to perfctly secure/hack proof the servers. It is very easy to criticise. I believe you r a great hacker so you should tell them how to secure the servers. You should write down the steps somewhere

  • @Toufiq. We cannot secure our sites.Webmasters can secure their sites. We can help them if the want.
    What v can do is a counter attack.And INSHALLAH u will see that soon. :D

  • @HEX786 & Shooter: Man best of luck then :)… we are desperately waiting for the response to this. :). God bless. and we know that our pakistani hackers are alive and capable too.

  • @HEX786… man i just visited your website now… and was amazed to see that you have hacked many indian sites before. wow man.. now i am bit relaxed and confident… I am happy to see the capability in my paki bros… God bless.

  • HEX786 well done man…. And salute to Pak Cyber Army…. You guys did a great job ….Way to go… 270 Indians site including their CBI(Central Bureau Investigation) got hacked by PAKISTANI HACKERS haahhaha…. Well done man….You ppl are great!

  • waisay to pakistani apnay aap ko bohot cheez samajty hai.meri request hai pakistani hackers hazrat say k aap b aisa system karain k indian govt.yaad rakhay.

  • Those website get hacked only due to the reasons why they make cheap website which is possible for less than Rs 5,000. They use servers which are not secure and that’s the reason why its easy for the hackers to crack the login credentials.

  • I am Software Engineer of Pujab Universty Pakistan.
    Now working for Pak Ecommerce site.

    All our Gov. websites not using advance technologies so that’s why they hacked.
    Listen Indian People
    We are also working to hack Indian websites ….

    Those websites who uses bad techniques got hacked.
    Please must use password encryption at any level.

    Saddam Hussain (Software Engineer)

  • Get Alerts

    Follow ProPakistani to get latest news and updates.

    ProPakistani Community

    Join the groups below to get latest news and updates.