NASA and ESA confirm hacking attack from ‘The Unknowns’ group

8 May 2012

Screenshot of NASA Glenn Research Center homepage

A new hacking group calling itself The Unknowns managed to breach the security of sites belonging to NASA and the European Space Agency in recent weeks. The group, which claims to have hacked 10 sites in all, appears to be on a crusade to help improve internet security.

ZDnet already reported how NASA said its security officials had detected an intrusion into its Glenn Research Center site.

“NASA security officials detected an intrusion into the site on April 20 and took it offline,” a NASA spokesperson said in a statement. And the ESA also confirmed to ZDnet it had been hit with a security breach.

It was back on 1 May The Unknowns issued a post on Pastebin.com in which it claimed it had breached the security of 10 websites. As well as NASA’s Glenn Research Center and the ESA, the group claimed to have gleaned administrator accounts and passwords were the US Military, the US Air Force, Thai Royal Navy, Harvard University, Renault Company, the French Ministry of Defense, the Bahrain Ministry of Defense and Jordanian Yellow Pages.

“Victims, we have released some of your documents and data, we probably harmed you a bit but that’s not really our goal because if it was then all of your websites would be completely defaced but we know that within a week or two, the vulnerabilities we found will be patched and that’s what we’re actually looking for,” said the post from the group at the time.

As well as this, The Unknowns also used MediaFire to post screenshots depicting how it gained access into the sites.

In a more recent Pastebin post, The Unknowns said it is a new hacking group.

“We are not Anonymous Version 2 and we are not against the US government,” said the post. “Now, we decided to hack these sites for a reason …

“These websites are important, we understand that we harmed the victims and we’re sorry for that – we’re soon going to email them all the information they need to know about the penetrations we did.

“We still think that what we did helped them, because right now they know that their security is weak and that it should be fixed.”

The post went on to say that the hackers were “happy to inform you that most of the links we used to penetrate threw the databases, have been patched. This is exactly what we where looking for. This is what we want.”

Yesterday on its Twitter page, the group said every site it claimed to have hacked had made their systems secure, apart from the US Air Force.

“We are happy to inform you that all of our victims have patched their systems except for the US AIR FORCE … We shall email them right away,” said the Twitter post.

Carmel Doyle was a long-time reporter with Silicon Republic

editorial@siliconrepublic.com