Cyber Incident Victim: SAMAA TV

On October 12, 2014, the official website and live video streaming platform of Pakistani news network SAMAA TV were compromised by a hacker operating under the alias Kai-H4xOrR, affiliated with the Pakistan Haxors Crew. The attacker defaced the live.samaa.tv subdomain, replacing legitimate content with a political message criticizing the network’s editorial choices. The intrusion specifically targeted SAMAA TV for allegedly promoting Indian cultural content, including movies and dramas, which the hacker deemed contradictory to Pakistani cultural interests. The defacement message demanded the cessation of Indian content dissemination and accused Pakistani media of neglecting coverage of ceasefire-related issues in favor of political events like Imran Khan’s "azaadi march." Evidence of the breach was documented through Zone-H mirror links, confirming unauthorized access to the web servers.

Kai-H4xOrR, previously linked to attacks on Pakistan People’s Party and PTV Sports websites, left a warning for all Pakistani media outlets to "promote [their] own culture." The defacement page remained temporarily visible before SAMAA TV’s technical team restored access to the live streaming service and removed the malicious content by the time media reports circulated. No additional technical details regarding the attack vector, duration of downtime, or broader network impact were disclosed in available sources. The incident highlighted operational vulnerabilities in the broadcaster’s digital infrastructure but did not reference data theft, service disruptions beyond the defacement, or secondary systems affected. SAMAA TV did not release an official statement regarding mitigation measures or forensic findings based on the provided evidence.