Zong adds a mysterious customer tracker on its website

Have you heard that lately Zong has injected a script into all its webpages that allow for a toolbar. This script can easily be hacked by anyone, and the hackers can then load their own scripts in your browser.

This script allows Zong or the hackers to hijack the customer’s browser and make the customer install a fake certificate and get a copy of all private data of Facebook, Twitter, Gmail, Outlook, and whichever online services the customer users. This also enables Zong and the hackers to track our web history and pop up their ads of choice in the browser. And the script still loads even if you unsubscribe.

Here’s the proof:

Zong Website

This has created a huge buzz on social media, and the techies are asking their social media to block the IP of Zong’s website. This is certainly not good news for Zong. If this goes viral, Zong will lose its popularity amongst the tech-savvy youth even if it wants to flaunt the advantages of its 4G network. People can compromise on speed, but never on security.

Zong needs to come clean on how it plans to rectify this loophole and ensure proper security of its website visitors and customers in the future. A simple press release or conference won’t do the job, it needs to make its security procedures more transparent. People are talking about suing Zong and reporting this issue to the PTA. Many have already added its website IP to their blacklist and have installed adblock to avoid the induction of any unnecessary ads or malware in their browsers.

Imagine the repercussions this could have for cyber-security. Even if Zong clears this issue, it’s highly improbable that people who know about this issue will come back on the site again. It’s up to Zong’s creativity and PR management to lift the company out of this fiasco, as it would have already lost a lot of customers by now.




  1. Salim Ahmed

    22/03/2016 at 10:38 pm

    fake post i checked my self

    • Mehreen Omer

      23/03/2016 at 5:10 pm

      This isn’t fake. Did you check Zong’s website?

  2. Rihan Saeed

    22/03/2016 at 10:42 pm

    Yes i checkmed my self too fake post…why she is writing here wrong message to the people this is a fake post… It’s all just for popularity

    • Mehreen Omer

      23/03/2016 at 5:10 pm

      This isn’t fake. Check Zong’s website.

  3. CuriousCursor

    09/04/2016 at 2:29 am

    Yup, this is correct. It’s only observed on non-https websites though. And this is probably why cloudflare blocks it so we have to fill recaptchas all the time.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

To Top