NASA Web Sites Hacked (Iraqi Sympathizers)

Internetnews.com ^ | 18 December 03 | Sharon Gaudin

[Golden Eagle]

NASA Web Sites Hacked

By Sharon Gaudin

Thirteen NASA Web sites were attacked this morning by a Brazilian group protesting the war in Iraq, according to two separate organizations that monitor hacking.

On the same day as President George Bush and 34,000 onlookers celebrated the achievements of the Wright brothers and 100 years of powered flight, the Brazilian group, calling itself DRWXR, defaced the NASA Web sites, according to both mi2g, a digital risk management company based in London, and Zone-H, an organization that monitors hacking.

The Zone-H Web site itself was down today. No one at Zone-H could be contacted by deadline to find out if their troubles are linked to the fact that they reported the NASA hacking incident.

A spokesman at mi2g says that they have not been attacked.

Some of the attacked online servers belong to NASA's Computing, Information and communications Technology Program (CICT), The Advanced Supercomputing Division, the Information Power Grid (IPG) and the NASA Research & Education Network (NREN).

The main NASA Web site -- www.nasa.gov -- apparently was not hit. The site was still available today.

The message left behind on the sites protests the U.S.-led war in Iraq. The hackers also attached a video clip which reportedly shows U.S. soldiers killing an Iraqi.

''This is one of the most significant breaches of .GOV domain -- US Government -- sites in the last six months,'' says a spokesman for mi2g. ''In the wake of the war with Iraq, significant effort has been put into protecting online computer systems by the U.S. federal and state governments, making regular and publicly visible breaches of computing infrastructure a less frequent occurrence.''

NASA has reportedly made significant improvements to its Web site security since a hacking group called the Trippin Smurfs brought down nine servers belonging to NASA's Jet Propulsion Laboratory 10 months ago. In that attack, the hackers left messages protesting U.S. involvement in the Middle East. That was the third time the Trippen Smurfs had successfully compromised servers in the Jet Propulsion Laboratory.

[danneskjold]

Those Trippen Smurfs sound like a scary bunch...better not do anything to make them mad (or humiliated)...

[Golden Eagle]

Several NASA sites defaced, shocking video posted as political message (zone-h.org)

Thirteen NASA websites have been defaced this morning by a brazilian crew called drwxr. The defacer apparently modified the index pages to express his opinion about the war, leaving the message "The war in iraq, kill is a play!" linked to a video of CNN showing american soldiers killing an iraqi and cheering.

According to netcraft, the sites were running the apache 1.3.27 webserver with PHP and several apache modules on a Linux system, we can suppose that the server was remotely compromised using a vulnerability in a PHP script, then the defacer probably gained root privilegies using the local root exploit for the linux kernel 2.4.22 (and earlier) published by iSEC Security Research last week...

http://www.zone-h.com/en/news/read/id=3846/

[Calpernia]

Ping

[Golden Eagle]

Ping

[Pro-Bush]

BUMP!

''This is one of the most significant breaches of .GOV domain -- US Government -- sites in the last six months,'' says a spokesman for mi2g.

[Prime Choice]

Not sure why they chose to attack NASA sites. I don't seem to recall the Shuttle being used to bomb Baghdad.

Anyone ever get that AVI file on the defacements to play? I tried, but it didn't work.

[Golden Eagle]

Not sure why they chose to attack NASA sites.

Simple, because they were ripe.

[Golden Eagle]

Anyone ever get that AVI file on the defacements to play? I tried, but it didn't work.

Probably being overloaded right now, this news is just breaking.

[Prime Choice]

Simple, because they were ripe.

Ah. The old "low-hanging fruit" approach. I guess that makes those jokers less than "elite" and more like "effete." ; )

Finally saw the iraqwar.avi movie. Pretty cool. Showed our troops taking out an Iraqi attacker who'd already been hit. I'm sure the Left thinks it's just awwwwwful, but -- as in all situations -- they neglect the fact that the guy that just got killed was trying to kill our boys. (And I have no doubt that the Left would have cheered if it'd been our boys getting killed in that footage.)

[Truth666]

I hope they didn't steal this historic piece of software

[adam_az]

MI2G are a bunch of losers.

Read here:

http://www.attrition.org/errata/charlatan/mi2g-history.html

and more articles about mi2g - links here

http://vmyths.com/resource.cfm?id=64&page=1

[Golden Eagle]

MI2G are a bunch of losers.

So you support the hackers instead of the security organizations that reported the incident. Strange, needless to say.

[adam_az]

mi2g is not a security organization. Did you visit either link I posted?

[labowski]

''In the wake of the war with Iraq, significant effort has been put into protecting online computer systems"

Ya know, I was watching the new Battlestar Galactica series and the way they explained the Galactica being the only Battlestar that survived was that it was old and it's computers were not tied into the network as it were. I don't know why that sentence made me think of that, but it did.

[Liberal Classic]

NASA was hacked by Cylons?

[Incorrigible]

What's this?  Internet servers running LINUX and Apache with PHP are vulnerable?

You don't say!

[Golden Eagle]

Attrition.org is one of the #1 hacker sites on the web, so no I didn't go there, but why in the world would it be surprising they are trying to discredit a security firm? They are hackers, so it would seem in their interest would it not?

Your second link seems to indicate mi2g has been warning of pro-Islamic cyberterrorism, so what is it you are complaining about again?

[labowski]

LOL, exactly and they turned Starbuck into a chick.

[Jonah Hex]

They emasculated Starbuck?!? Next thing you'll tell me is that they killed Kenny!

YOU BASTARDS!!