Government of Punjab Server Hacked by XerXes

Today, Government of Punjab Server(punjab.gov.pk) has been hacked and defaced by a hacker with the handle XerXes from Pak Cyber Crew.
Pak Cyber Crew
Attack anatomy is unkonwn, it seems that hacker exploited the vulnerability on the server and managed to deface the websites.

A total of 16 subdomains are defaced including excise department, Capital Police and others. The hacker added a defaced page “Xerxes.htm” at the end of each hacked domain instead of defacing the main page.

List of Hacked Sites:

  • cccexcise.punjab.gov.pk/Xerxes.htm
  • ccplahore.punjab.gov.pk/Xerxes.htm
  • egt.punjab.gov.pk/Xerxes.htm
  • entcollection.punjab.gov.pk/Xerxes.htm
  • hrmis.punjab.gov.pk/Xerxes.htm
  • poultry.punjab.gov.pk/Xerxes.htm
  • ramzansahulat.punjab.gov.pk/Xerxes.htm
  • spis.punjab.gov.pk/Xerxes.htm
  • vmis.punjab.gov.pk/Xerxes.htm
  • www.entcollection.punjab.gov.pk/Xerxes.htm
  • www.epi.punjab.gov.pk/Xerxes.htm
  • www.episargodha.punjab.gov.pk/Xerxes.htm
  • www.fjids.punjab.gov.pk/Xerxes.htm
  • www.poultry.punjab.gov.pk/Xerxes.htm
  • www.spis.punjab.gov.pk/Xerxes.htm
  • yellowcab.punjab.gov.pk/Xerxes.htm

The reason of the attack is unknown. According to the deface page, It looks like hacker has just given warning to the administrator of the websites.

You are Hacked!
Your site is not secure please admin secure your system. đŸ˜€

Hack Mirrors(Proof of Hack):
http://pak-zone.com/hacker.php?haxor=XerXes

At the time of writing, the hacked subdomain are still defaced.

email