14 DAY TRIAL // Several domains and subdomains of Nimbuzz, the highly popular free instant messaging app, have been hacked and defaced by an Iranian hacker.
The Hackers Post reports that the nimbuzz.com, developers.nimbuzz.com, shop.nimbuzz.com, services.nimbuzz.com, nimbuzzout.com, get.nimbuzz.com and profile.nimbuzz.com sites have been affected by the breach.
Currently, the websites have been restored, but mirrors of the defacements can be found here.
The hacker hasn’t mentioned any reasons for targeting the websites, but judging by his defacement message, he simply wanted to prove that the sites are vulnerable.
We’ve reached out to Nimbuzz to see if they can explain how the hacker managed to deface so many of their sites.
So far, the company hasn’t responded to our inquiry, but we’ll update this post in case they do.
In the meantime, it’s worth noting that in early April Nimbuzz announced the launch of a bug bounty program. At the time, they encouraged security experts to responsibly submit the issues they find on Nimbuzz.com.