European Space Agency domains hacked by Anonymous

The collective Anonymous has compromised the subdomains of the European Space Agency website and leaked personal information of thousands of subscribers and officials.

The hacking collective Anonymous seems to be very active in this period, its last victim is the European Space Agency. Members of Anonymous have breached a number of subdomains of the European Space Agency website and leaked personal and login credentials of thousands of subscribers and officials.

”We did it for the Lulz” is the message left by Anonymous.

Anonymous conducted a cyber attack on the following subdomains of the European Space Agency (ESA) website:

• due.esrin.esa.int
• exploration.esa.int
• sci.esa.int

The hackers exploited a blind SQL vulnerability in order to access the backend of the subdomains and exfiltrate data from the database.

The colleagues at the Hackread.com who disclosed the news, have analyzed the data leaked online by Anonymous confirming its authenticity. Anonymous leaked the stolen data into three separate files which include the website’s database, officials personal information and Subscribers’ data.

“The third file contains names, emails and clear-text passwords of 8000+ subscribers. The leaked data is available here → Database | Officials’ data |Subscribers’ data.”

Anonymous reported to HackRead the following message:

“BECAUSE XMAS IS COMING AND WE HAD TO DO SOMETHING FOR FUN SO WE DID IT FOR THE LULZ.”

It seems that the branch of the Anonymous collective that hacked the European Space Agency is the same that breached the databases at United Nations Climate Conference (Cop21) and the World Trade Organization.

Such kind of incidents opens the doors to further cyber attacks, the leaked data include information related to officials that could be targeted by criminal groups or nation-state actors for espionage.

Pierluigi Paganini

(Security Affairs – European Space Agency, Anonymous)