Ecommerce stores official website

Commerce Department’s EDF Website Hacker Plans to Sell Over 4GB of Data for $400 Bitcoin

The main website of the Export Development Fund (EDF) of Pakistan, an autonomous agency under the Ministry of Commerce, has been compromised in what appears to be the second largest security breach ever experienced by a Pakistani institution in addition to a year.

According to exclusive information gathered by a major news site, the data dump over 4GB included files, hex passwords, email records, email history and other crucial information.

The hack illustrates how the attacker gained easy access to EDF’s central computer and extracted official documents from various categories.

According to the assessment, the security of the website was insufficient, allowing intrusions.

According to raw data snapshots, the hacker was most likely born overseas and wants to sell the stolen information for $400 or the equivalent in Bitcoin through his Telegram channel.

According to our chain checks, the EDF website was restored a few hours after the attack; however, the site subsequently began naming former Prime Minister Imran Khan and former trade adviser Abdul Razak Dawood as prominent figures.

The ministry has again changed its website in response to correspondence from regional media.

Commerce Secretary Saleh Farooqi said in a statement that EDF’s website had been hacked and subjected to a brute force attack. He said the server, which had been restored and was now fully operational, was installed at COMSATS and was managed by Adamson/COMSATS.

According to the secretary, the mail server has also been activated and is now secure. He went on to note that the emails typically contain project information as well as ordinary contact between officials and affected parties.

He went on to say that these are internal conversations that do not appear to affect the operations of the Fund.

He added that the service provider and EDF are in direct contact, that the procedures have already been adjusted and that additional security measures are in place.

Hacking is a serious problem, however, EDF does not manage our sensitive information. However, Saleh said: “Our own investigation team will be there.

Commenting on the data breach, intelligence analyst Zaki Khalid, who is stationed in Rawalpindi, said it was just another tragic example of how cybersecurity compliance is viewed with casually.

“Even though subsequent jurisdictions have made suggestions on occasion, there are still gaps in implementation. Internal control is clearly weak,” he said.

These hacking incidents have recently made headlines in Pakistan, with the first serious attack occurring under the previous government.

Official emails of senior Finance Ministry officials were allegedly compromised in a cybersecurity incident in December 2021. Official correspondence containing confidential information regarding the IMF, FATF, CPEC and other government organizations was therefore hacked .

Implications and next steps

Regardless of the exposed sensitive material, it is sad to understand that once the system is infiltrated, any business cooperation with foreign agencies and embassies loses all credibility.

When investors make confidential contact with the Pakistani government, they create a level of trust.

It may take a long time to regain trust due to the country’s inability to protect the integrity of its archives/sensitive content on the Internet.

It is widely assumed that these hackers provide economic intelligence to Pakistani opponents by attacking and hacking Pakistan’s web data.

In this case, another country could easily sever Pakistan’s trade ties with other countries. They just have to bribe the pirates and enforce their own rules to make life difficult in Pakistan.

Despite these events, the recommendations of the National Telecommunications and Information Security Board (NTISB) are not being fully implemented, and need to be addressed immediately. Institutions should prioritize national security across all online channels to manage, protect, and reduce network vulnerabilities.

It is an essential necessity, and these difficulties must be dealt with immediately.

The NCP 2021 is to be implemented in order to secure the IT infrastructure of the Pakistani government, which would require significant investment and organizational transformation.

Lily:
Hackers could be using bad bugs to expose government sites

Indian Embassy website hacked by Kashmiri hackers on Indian Independence Day
1 Million Kashmir University Student and Teacher Data Hacked and Offered for Sale on Dark Web
Another Major Crypto Hack: Over 7,900 Solana Wallets Targeted
140,000 payment terminals were hacked using malware