Royal Navy hacker claims to have broken into space agency site

Paris, we may have a problem


Login credentials for database, email and other key systems that a poster claims belong to the European Space Agency were posted on a full disclosure mailing list over the weekend.

TinKode posted supposed admin, content management, file upload (FTP), email and other account login details after using unspecified vulnerabilities to pull off his alleged hack on ESA's systems. He also posted Apache server configuration files and other data that, if genuine, might be of use in follow-up attacks.

The motives for the assault are unclear.

Net security firm Sophos was unable to verify the hack, not least because trying any of the published passwords to see if they worked or not would itself be a violation of UK's computer misuse laws. However it described TinKode's claims as credible.

TinKode had previously carried out a similar assault on the Royal Navy's official website. That attack was later confirmed.

ESA's main website (esa.int) remains up and running on Monday morning. No one from the agency was available for comment at the time of going to press.

"Hopefully the ESA is changing its passwords and looking at its website security as a matter of some urgency," a Sophos spokesman said. "If users are using the same password in multiple places then they would be wise to adopt a more sensible password policy ASAP." ®


Other stories you might like

  • Mars Express orbiter to get code update after 19 years
    And over millions of miles, too. Piece of cake!?

    The software on ESA's Mars Express spacecraft is to be upgraded after nearly two decades, giving the orbiter capabilities to hunt for water beneath the planet and study its larger moon, Phobos.

    Mars Express was launched on June 2, 2003, and was initially made up of two components: the Mars Express Orbiter and the Beagle 2 lander. Unfortunately, the lander failed to make contact with Earth after it was released and arrived at the surface of the Red Planet. It is presumed lost. The orbiter, however, is still working after 19 years in service, spinning around Mars.

    Now, engineers at the Istituto Nazionale di Astrofisica (INAF), Italy, are revamping the spacecraft's software. The upgrade will allow the Mars Express Orbiter to continue searching for water locked beneath the Martian surface using its MARSIS radio-wave instrument and monitor the planet's closest satellite, Phobos, more efficiently. MARSIS is today operated by INAF and funded by the Italian Space Agency.

    Continue reading
  • Israeli air raid sirens triggered in possible cyberattack
    Source remains unclear, plenty suspect Iran

    Air raid sirens sounded for over an hour in parts of Jerusalem and southern Israel on Sunday evening – but bombs never fell, leading some to blame Iran for compromising the alarms. 

    While the perpetrator remains unclear, Israel's National Cyber Directorate did say in a tweet that it suspected a cyberattack because the air raid sirens activated were municipality-owned public address systems, not Israel Defense Force alarms as originally believed. Sirens also sounded in the Red Sea port town of Eilat. 

    Netizens on social media and Israeli news sites pointed the finger at Iran, though a diplomatic source interviewed by the Jerusalem Post said there was no certainty Tehran was behind the attack. The source also said Israel faces cyberattacks regularly, and downplayed the significance of the incident. 

    Continue reading
  • Could a leaky capacitor be at fault on ESA's Sentinel-1B?
    Prepare your 'turn it off and on' jokes as engineers get ready to flip the heaters

    Attempts to recover ESA's stricken Sentinel-1B satellite are continuing and one of the failure scenarios engineers are considering will be familiar to some of us: possible leakage of a ceramic capacitor.

    The satellite, launched in 2016 aboard a Russian Soyuz rocket from the Arianespace facility at Kourou in French Guiana, remains under control. However, power problems have rendered its C-band Synthetic Aperture Radar (C-SAR) instrument pretty much useless, thus defeating the point of the spacecraft.

    Sister spacecraft, Sentinel-1A, has continued to collect data despite recently having to dodge some debris.

    Continue reading
  • ESA: Fly me to the Moon, just not on a Russian rocket
    Payloads pulled as Europe eyes alternatives

    The European Space Agency (ESA) has pulled back from yet more "cooperative activities" with Russia as the agency continues to adjust to life without its former partner.

    It said yesterday that a "fundamental change of circumstances... make it impossible for ESA to implement the planned lunar cooperation."

    ESA's ExoMars project was already put on hold last month as bosses ponder how to get the completed rover to the red planet without the Proton rocket they had expected to launch it on in September.

    Continue reading
  • The Register gets up close and personal with ESA's JUICE spacecraft
    Next stop, French Guiana. Then Jupiter

    Feature The European Space Agency's (ESA) JUICE (Jupiter Icy Moons Explorer) spacecraft has kicked off electromagnetic testing in the Airbus Defence and Space cleanrooms in Toulouse.

    The JUICE mission, which is due to launch on the very last Ariane 5 from French Guiana in April 2023, will spend nearly eight years cruising to Jupiter and a further three and a half years observing the Jupiter system. In 2034 it will become the first spacecraft to orbit a moon other than Earth's own satellite as it drops into orbit around Ganymede for some close-up science.

    The Register visited Airbus's facility while the spacecraft was undergoing testing in the "quiet" room of the Toulouse site, the purpose being to check out any interference from the payload components. Visitors were therefore politely asked to surrender phones and anything that might interfere with the environment. We also had to wear protective gear to keep the spacecraft as squeaky clean as possible, although the end of the mission will see JUICE sent crashing into the surface of Ganymede to avoid any contamination reaching Europa.

    Continue reading
  • Stolen-data market RaidForums taken down in domain seizure
    Suspected admin who went by 'Omnipotent' awaits UK decision on extradition to US

    After at least six years of peddling pilfered personal information, the infamous stolen-data market RaidForums has been shut down following the arrest of suspected founder and admin Diogo Santos Coelho in the UK earlier this year.

    Coelho, 21, who allegedly used the mistaken moniker "Omnipotent" among others, according to the US indictment unsealed on Monday in the Eastern District of Virginia, is currently awaiting the outcome of UK legal proceedings to extradite him to the United States.

    The six-count US indictment [PDF] charges Coelho with conspiracy, access device fraud, and aggravated identity theft following from his alleged activities as the chief administrator of RaidForums, an online market for compromised or stolen databases containing personal and financial information.

    Continue reading

Biting the hand that feeds IT © 1998–2022