European Space Agency hacked

By

'Just for the Lulz'.

Unknown hackers have compromised several sites and subdomains belonging to the European Space Agency (ESA), capturing details about the organisation's management and subscribers.

European Space Agency hacked
British ESA astronaut Tim Peake testing his NASA Extravehicular Mobility Unit space suit at the Johnson Space Centre, USA. Source: ESA.

The attackers posted the leaked data to Justpaste.it, and gave the motivation for the attack as "Lulz" - or hacking just for the fun of it.

ESA's Data User Element (due.esrin.esa.int) training site was compromised, along with the domains with information on the robotic exploration of the planet Mars (exploration.esa.int) and the agency's science and technology news page (sci.esa.int).

Names, addresses, phone numbers and affiliations of numerous ESA staffers were posted to the paste site, and sighted by iTnews.

Another database containing over 8000 names, email addresses and passwords of "oc_4 subscribers" was also leaked. The vast majority of the passphrases were very simple, with over 3000 comprised of just three digits.

The structure of the DUE site was also posted by the attackers, revealing that ESA is using the Debian 7.0 "Wheezy" Linux distribution, the Apache 2.2.22 webserver with PHP 5.4.4, and MySQL 5.0.0 or greater database.

Anonymous is thought to have used a blind strucutured query language (SQL) injection attack that asks the site database a series of true or false questions, to determine the data based on the application response.

There has been no comment so far from the ESA on the hack.

The hack comes on the cusp of the launch of the Principia mission to the International Space Station, scheduled to take place today.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:

Most Read Articles

NSW Police to embark on $126m IT overhaul

NSW Police to embark on $126m IT overhaul

CBA looks to GenAI to assist 1200 'security champions'

CBA looks to GenAI to assist 1200 'security champions'

Australia's super funds told to assess authentication controls

Australia's super funds told to assess authentication controls

WestJet probes cyber security incident

WestJet probes cyber security incident

Log In

  |  Forgot your password?