NASA, Air Force, Harvard, Military, ESA Hacked by Gray Hats 'The Unknowns'

A new hacking collective called 'The Unknowns' breached 10 high-profile websites, including NASA, the U.S. Air Force, Harvard University and the ESA, before dumping proof on Pastebin. After the leaks, and after both NASA and ESA confirmed the hacks, the gray hat group released a message saying that the hackers were helping to improve the compromised sites' security.

The Unknowns, a new hacking group that claims to be neither white hats nor black hats, have targeted, hacked and released over 200MB of data from the following victims: NASA's Glenn Research Center, the US Air Force, the US Military's Joint Pathology Center, Harvard University, the European Space Agency (ESA), the French Ministry of Defense, the Ministry of Defense in Bahrain, Renault, the Thai Royal Navy, and the Yellow Pages in Jordan.

To prove the breaches, the gray hat hacking group leaked 177.79MB in part 1 and 37.37 MB in part 2 on MediaFire, as well as screenshots and documents on Pastebin. According to the second release on Pastebin, the sites were hacked by Zyklon B and powered by The Unknown, Mr. P-teo and GrickoTheNoob. The Unknowns wrote, "We are not Anonymous Version 2 and we are not against the US Government."

However, ZDNet reported that the hacking group dumped the "names, employers, home addresses, and e-mail addresses of 736 victims on Pastebin." Two posts have been removed since Pastebin hired a bigger staff to delete sensitive information dumps. ESA Security Office Manager Stefano Zatti told ZDNet, "The group used SQL injection. The use of SQL injection is an admitted vulnerability" that "needs to be addressed at a coding level."

A NASA spokesman told ABC News, "NASA security officials detected an intrusion into the site on April 20 and took it offline. The agency takes the issue of IT security very seriously and at no point was sensitive or controlled information compromised. NASA has made significant progress to better protect the agency's IT systems and is in the process of mitigating any remaining vulnerabilities that could allow intrusions in the future."

At first, The Unknowns wrote, "And for all the other websites out there: We're coming, please, get ready, protect your website and stop us from hacking it, whoever you are. Contact us before we take action and we will help you, and will not release anything... It's your choice now." The hacking collective's Twitter account The Unknown was created on May 1 and now has nearly 400 followers.

The Unknowns then released the following message:

These Websites are important, we understand that we harmed the victims and we're sorry for that - we're soon going to email them all the information they need to know about the penetrations we did.

We still think that what we did helped them, because right now they know that their Security is weak and that it should be fixed.

We wanted to gain the trust of others, people now trust us, we're getting lots of emails from people we never knew, asking us to check their website's security and that's what we want to do.

Our goal was never to harm anyone, we want to make this whole internet world more secured because, simply, it's not at all and we want to help.

We don't want revolutions, we don't want chaos, we just want to protect the people out there.

Websites are not secured, people are not secured, computers are not secured, nothing is...

We're here to help and we're asking nothing in exchange.

And now, we are happy to inform you that most of the links we used to penetrate through the databases have been patched. This is exactly what we were looking for. This is what we want.

The Unknown 1 tweeted on May 3rd:

Although The Unknowns claim to be helping, by hacking and dumping the second release on May 1st before notifying the sites, they are likely in the hacked sites' crosshairs. In the past, hacking NASA and ESA and then dumping data, as opposed to "responsible disclosure," didn't work out so well for a gray hat. After Romanian hacker TinKode breached NASA's Goddard Space Flight Center, he also claimed to be helping. At the time TinKode told me, "I don't do bad things. I only find and make public the info. Afterwards I send an email to them to fix the holes. It's like a security audit, but for free." But 20-year-old TinKode was recently indicted for cybercrimes with estimated damages around $250,000 (€190,000).


Follow me on Twitter @PrivacyFanatic

Copyright © 2012 IDG Communications, Inc.
