• Home
  • Cyber Crime
  • Cyber warfare
  • APT
  • Data Breach
  • Deep Web
  • Digital ID
  • Hacking
  • Hacktivism
  • Intelligence
  • Internet of Things
  • Laws and regulations
  • Malware
  • Mobile
  • Reports
  • Security
  • Social Networks
  • Terrorism
  • ICS-SCADA
  • POLICIES
  • Contact me
MUST READ

200 Swedish municipalities impacted by a major cyberattack on IT provider

 | 

TransUnion discloses a data breach impacting over 4.4 million customers

 | 

NSA, NCSC, and allies detailed TTPs associated with Chinese APT actors targeting critical infrastructure Orgs

 | 

UNC6395 targets Salesloft in Drift OAuth token theft campaign

 | 

Over 28,000 Citrix instances remain exposed to critical RCE flaw CVE-2025-7775

 | 

U.S. CISA adds Citrix NetScaler flaw to its Known Exploited Vulnerabilities catalog

 | 

Healthcare Services Group discloses 2024 data breach that impacted 624,496 people

 | 

ESET warns of PromptLock, the first AI-driven ransomware

 | 

China linked UNC6384 targeted diplomats by hijacking web traffic

 | 

Farmers Insurance discloses a data breach impacting 1.1M customers

 | 

Citrix fixed three NetScaler flaws, one of them actively exploited in the wild

 | 

Auchan discloses data breach: data of hundreds of thousands of customers exposed

 | 

U.S. CISA adds Citrix Session Recording, and Git flaws to its Known Exploited Vulnerabilities catalog

 | 

Docker fixes critical Desktop flaw allowing container escapes

 | 

Malicious apps with +19M installs removed from Google Play because spreading Anatsa banking trojan and other malware

 | 

Pakistan-linked APT36 abuses Linux .desktop files to drop custom malware in new campaign

 | 

Android.Backdoor.916.origin malware targets Russian business executives

 | 

Electronics manufacturer Data I/O took offline operational systems following a ransomware attack

 | 

IoT under siege: The return of the Mirai-based Gayfemboy Botnet

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 59

 | 
  • Home
  • Cyber Crime
  • Cyber warfare
  • APT
  • Data Breach
  • Deep Web
  • Digital ID
  • Hacking
  • Hacktivism
  • Intelligence
  • Internet of Things
  • Laws and regulations
  • Malware
  • Mobile
  • Reports
  • Security
  • Social Networks
  • Terrorism
  • ICS-SCADA
  • POLICIES
  • Contact me
  • Home
  • Security
  • The Unknowns, hacker’s revenge in the name of security

The Unknowns, hacker’s revenge in the name of security

Pierluigi Paganini May 12, 2012

It’s happened, another group of hacker named The Unknowns has hacked several organizations, , including NASA and the U.S. Air Force, and posted evidence of their actions. The complete list has been published in a message on PasteBin:

  1. NASA – Glenn Research Center
  2. US military
  3. US AIR FORCE
  4. European Space Agency
  5. Thai Royal Navy
  6. Harvard
  7. Renault Company
  8. French ministry of Defense
  9. Bahrain Ministry of Defense
  10. Jordanian Yellow Pages

In the message published on Pastebin the group has declared war to everybody, they promised hacks against “all the other websites out there,”. Very strange the proposal that the group sent to every company requesting to be contacted by them before they will be target of their attack, they are proposing to help potential victims to fix their potential vulnerabilities.

“Contact us before we take action and we will help you, and will not release anything…. It’s your choice now.”

Always when we think to hacktivism we remind Anonymous groups, but The Unknowns have declared to fight for internet security instead internet freedom.

They desire to exploit vulnerabilities to attract media attention and force their patching.

Are we facing with “Anonymous 2”?

The groups demands its own identity and distanced himself from the most famous group Anonymous.

“We are not Anonymous Version 2 and we are not against the US Government,”

 “We’re here to help and we’re asking nothing in exchange,”

The group was already responsible for a series of attacks made on April 1th and has announced new ones on May 1th via Twitter. The modus operandi is really different, The Unknowns operate to test websites and cyber infrastructure providing evidence of the any weaknesses found without releasing hacked information.

The NASA and ESA have confirmed the attacks giving more detail on the operations. An European Space Agency’s spokesperson reported to ZDNet that the hackers have used a SQL Injection Attack. On Pastebin were published also screenshots, administrator credentials and other documents.  The Unknowns also posted Air Force documents to the site MediaFire and, from the NASA hack, names, addresses, e-mail addresses and employers on 736 people on Pastebin.

We can consider The Unknowns group as a “grey hat” hacker team because they operate to find exploit without malicious intentions and without providing to the public details of the vulnerabilities exploited, but we must also consider that their operation could also cause serious damage to the victims. At least in this phase the group hasn’t a politic direction and it’s only focused on its mission.

The group has promised to e-mail victims sending details of their hacks to responsibility the global security community on the management of the vulnerabilities.

“Our goal was never to harm anyone, we want to make this whole Internet world more secured because, simply, it’s not at all and we want to help,”

As usual, we make some simple reflections on the events.

Not surprisingly, certainly the genesis of groups that inspired by the famous Anonymous will emulate deeds for noble purposes, however, apparently in this case that puzzles me is the willingness of hackers to come in contact with their victims or potential victims to direct them to appropriate level of security.

All this has very little sense especially in relation to the size of the companies attacked, none of it ever come to terms with these gentlemen, for this reason I believe that unlike other groups, it consists mainly of young hackers, extremely capable, but who have little knowledge of business dynamics. If someone of The Unknown is reading he could contact me so that he can release me an interview that might clarify the real role of the group in today’s cyberspace.

Another question that comes to mind, why these folks spend time for the affirmation of security, are they motivated by other intents or we can consider  them as the philanthropic of the sector? Who really lies behind these groups?

Just for the specificity of their motivation I believe that its members are keen supporters of Anonymous from which they have taken away some suggestions in terms of media approach. Phenomena such as this, which is still in an embryonic stage can go out in the bud right for immature reasons, but it can also inflame and reach dangerous dimensions thanks to the media echo that the network provides.

Time will give us more guidance.

Pierluigi Paganini


facebook linkedin twitter

Anonymous Cyber attacks hacker Hackers Hacking Hacktivism hacktivist Intelligence NASA security The Unknowns vulnerabilities

you might also like

Pierluigi Paganini August 28, 2025
200 Swedish municipalities impacted by a major cyberattack on IT provider
Read more
Pierluigi Paganini August 28, 2025
UNC6395 targets Salesloft in Drift OAuth token theft campaign
Read more

leave a comment

newsletter

Subscribe to my email list and stay
up-to-date!

    recent articles

    200 Swedish municipalities impacted by a major cyberattack on IT provider

    Security / August 28, 2025

    TransUnion discloses a data breach impacting over 4.4 million customers

    Data Breach / August 28, 2025

    NSA, NCSC, and allies detailed TTPs associated with Chinese APT actors targeting critical infrastructure Orgs

    Intelligence / August 28, 2025

    UNC6395 targets Salesloft in Drift OAuth token theft campaign

    Hacking / August 28, 2025

    Over 28,000 Citrix instances remain exposed to critical RCE flaw CVE-2025-7775

    Hacking / August 27, 2025

    To contact me write an email to:

    Pierluigi Paganini :
    pierluigi.paganini@securityaffairs.co

    LEARN MORE

    QUICK LINKS

    • Home
    • Cyber Crime
    • Cyber warfare
    • APT
    • Data Breach
    • Deep Web
    • Digital ID
    • Hacking
    • Hacktivism
    • Intelligence
    • Internet of Things
    • Laws and regulations
    • Malware
    • Mobile
    • Reports
    • Security
    • Social Networks
    • Terrorism
    • ICS-SCADA
    • POLICIES
    • Contact me

    Copyright@securityaffairs 2024

    We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept All”, you consent to the use of ALL the cookies. However, you may visit "Cookie Settings" to provide a controlled consent.
    Cookie SettingsAccept All
    Manage consent

    Privacy Overview

    This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities...
    Necessary
    Always Enabled
    Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
    Non-necessary
    Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
    SAVE & ACCEPT