Zameen.com — Pakistan’s leading real estate portal — was hacked moments ago, we have checked the Zone-h mirrors.
According to our early investigations, entire website, source code and users’ records of Zameen.com were dumped and leaked online.
Leaked data include user names, md5 encrypted passwords (one of the weakest of its kind), email addresses, phone numbers and other related details.
We are still in process of determining the total number of unique users that were registered with Zameen.com or the number of users’ record that was leaked online.
Reportedly a hacker named “Tiger Mate” is behind the incident and had no motive behind the attack but said that he hacked the website because he can, and also because “they (Zameen.com) don’t take their security seriously”.
Leaked data include user names, passwords, email, phone and other details of Zameen users
In a an electronic communication with ProPakistani, “Tiger Mate” said that Zameen.com was warned about the security vulnerability by a fellow hacker a few days ago but Zameen didn’t take the warnings seriously and instead abused the vulnerability reporter.
“Tiger Mate” said that its about time that companies like Zameen.com should start taking their security seriously.
Zameen.com has been restored as of now but hacker claims to still have the access to the website.
Zameen.com, in response to a ProPakistani query confirmed the attack and termed it a very obvious but futile effort to sully the brand perception among Pakistanis.
Zameen.com said that FIA and NR3C are already on board regarding the incident. Company said that its communication is already underway with Amazon AWS and Twitter, who are auditing their logs as of now and are expected to report back very soon. (Amazon AWS is the host while Hacker had announced the defacement on Twitter).
Not to mention, Zameen.com is one of the most celebrated startups in Pakistan. They secured multiple rounds of investments and are currently planning to expand into Iranian market.
Update
“Tiger Mate” has said that he is taking leaked data offline, as he has made a point, and hopes that Zameen.com will be more vigilant about its security now onwards.
Not to mention, it is feared that data has been downloaded by enough number of individuals already.
