Hacktivist pranksters stick it to the European Space Agency

Not to worry, it was all 'for the lulz'. And Christmas

Elements of Anonymous have taken time off from fighting adherents of Daesh (the so-called Islamic State) and trolling Donald Trump to attack the European Space Agency.

Hacktivists dumped a schema of the ESA website (esa.int), along with data about registered users, collaborators, and subscribers, after hacking into the space agency’s apparently insecure website.

Anons said it pulled off the hack out of pure devilment and mischief rather than any particular gripe.

"Because Xmas is coming and we had to do something for fun so we did it for the lulz," persons using the name and iconography of online activist collective Anonymous (PUTNAIOOACA) told HackRead on Monday.

Staff names, email addresses, phone and more were grabbed by the hackers who apparently exploited a SQL injection attack on targeted websites (due.esrin.esa.int, exploration.esa.int, and sci.esa.int). Details of more than 8,000 subscribers were also spaffed online.

Many of the passwords were insecure and one even used “esa” as a login credential, according to an analysis by Steve Ragan for CSO.

Further security commentary on the incident can be found in a post on BitDefenders' HotForSecurity blog here.

In more upbeat news, ESA astronaut Tim Peake took off in a Soyuz rocket from Kazakhstan en-route to the orbiting International Space Station on Tuesday.

His exploits made Peake the first Briton to fly into space without a private contract or through holding a foreign citizenship, becoming the UK’s first official astronaut. ®


Biting the hand that feeds IT © 1998–2017