Cyber Incident Victim: Supreme Court of Pakistan
Date:
Mar 2023
Location:
Pakistan
Summary
The Supreme Court of Pakistan's website was taken over by unknown attackers who displayed a promotional message before government IT staff restored service. After recovery, a COVID-19 advisory was posted, and it remains unclear whether any data was exfiltrated or the duration of disruption. The incident follows a recent breach of a Pakistani online retailer where test data was compromised via a phishing attack on a developer's laptop.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On Tuesday morning, the official website of the Supreme Court of Pakistan was taken over by attackers of unknown origin. The intruders replaced the site’s content with a message that read “our spring sale has started”. Within minutes, users began sharing screenshots of the altered page on social media platforms, causing the images to spread quickly. The defacement persisted until government IT specialists intervened.

After a short period, the IT team succeeded in restoring the website to its normal state. Shortly after the restoration, a COVID‑19‑related advisory was posted on the site, advising that only concerned individuals should visit the court despite the low number of active cases in Islamabad. Authorities have not confirmed whether any data was exfiltrated during the incident, nor have they disclosed the exact length of the disruption. The event is noted as one of several recent cyber attacks targeting prominent Pakistani online services.
Earlier in the same month, the online retailer Naheed experienced a breach in which hackers claimed to have obtained up to 23,000 user records and 108 order details, including identifiers, emails, names, addresses, payment information and phone numbers. Naheed later stated that the breach originated from a compromised developer laptop via a phishing attack, which allowed the attackers to access non‑critical test data on a staging server. The Naheed incident was cited in the same report to illustrate the broader pattern of website compromises in Pakistan.
