The Urdu news website of Pakistani broadcaster Samaa TV was defaced in a suspected cyberattack after unidentified threat actors replaced the platform’s homepage with their own branding and messages. The attackers claimed responsibility for compromising the website and displayed content associated with a group identifying itself as “Hind Cyber Ghost.” At the time of the incident, visitors accessing the Urdu news portal were presented with a defaced webpage instead of the site’s regular content. The cyberattack disrupted access to the platform and raised concerns regarding the security of media organizations operating online. At the time of publication, Samaa TV had not released an official statement addressing the reported incident or providing details about the scope of the breach.
The defaced homepage prominently featured the “Hind Cyber Ghost” logo alongside the message, “No System Is Secure,” which appeared to serve as a warning directed at the broadcaster. The attackers also identified themselves as “Jordan X Alpha 02” and embedded a “Play Music” option within the compromised webpage. In their message, the threat actors claimed they had “owned the entire platform” of the Pakistan based news organization and described Samaa TV as “just another demo,” suggesting that additional targets could follow. The message further referenced Geo News, with the attackers claiming they had previously spared the broadcaster before allegedly targeting Samaa TV. Several hashtags associated with Indian cyber collectives were also included on the defaced page, and the attackers claimed an affiliation with India. However, these claims have not been independently verified, and no official confirmation has been provided regarding the identity or origin of the individuals or group responsible for the website defacement.
Following the reported breach, the affected website became inaccessible to users and displayed a 502 Error page generated by Amazon CloudFront. The error message indicated that CloudFront was unable to establish a connection with the origin server, preventing the website from loading normally. While a 502 Error may appear after a cyber incident or website compromise, it can also result from server side issues, configuration errors, or connectivity problems. As a result, the appearance of the error page alone does not confirm the exact cause of the outage or provide evidence regarding the extent of the reported cyberattack. No additional technical information has been made public to indicate whether the disruption was limited to the website interface or involved other backend systems connected to the platform.
As of the time of publication, there has been no official confirmation regarding whether any internal infrastructure, databases, or user information were affected during the reported incident. Similarly, there is no verified information indicating whether any sensitive data was accessed or extracted as part of the compromise. The identity of the attackers and their claimed affiliation remain unverified, and no independent evidence has been presented to support the assertions made on the defaced webpage. The incident highlights the continued targeting of online media platforms by cyber threat actors seeking to disrupt services, spread messages, or gain attention through website defacements. Until further technical findings or an official statement are released by Samaa TV, the full impact and nature of the reported cyber incident remain unclear.
Follow the SPIN IDG WhatsApp Channel for updates across the Smart Pakistan Insights Network covering all of Pakistan’s technology ecosystem.