NASA sites running OS X defaced

Zone-H lists the following NASA Web sites defaced today:

#1
http://avdc.gsfc.nasa.gov/phpgdv2

See mirror at zone-h.org/index2.php?option=com_mirrorwrp&Itemid=44&id=4402740

#2
http://avdc1.gsfc.nasa.gov/phpgdv2

See mirror and details at zone-h.org/index2.php?option=com_mirrorwrp&Itemid=44&id=4402742

Zone-H.org archive lists these as mass defacements of Byond Hackers Team.

WHOIS results for 128.183.103.227 are the following:

OrgName: National Aeronautics and Space Administration
OrgID: NASA
Address: IS05/Office of the Chief Information Officer
City: MSFC
StateProv: AL
PostalCode: 35812
Country: US

NetRange: 128.183.0.0 – 128.183.255.25

They have a separate “Cyberwar: the beginning” posting too:
www.zone-h.org/content/view/13932/30/

Share
  • Pingback: NASA sites running OS X defaced » Wagalulu - Technorati’s Top Tags » » NASA sites running OS X defaced

  • http://www.xyberpix.com xyberpix

    I don’t think that the fact that they were running OS X REALLY has much to do with it, at the end of the day it’s your Apache config that matters, as these sites were firewalled pretty hecticly, namely ports 80 and 443 were open, so it was an Apache sploit, also due to the recent Apache advisories, it’s not too suprising really. Not that I’m sticking up for OS X at all, I love it, but I do know that it needs work, but hey, at least these days people are mentioning it, and no publicity is bad publicity. Nice post btw!

  • Alpha

    the NASA sub domains actually defaced with nasty methods and frankly all of the nice methods that anothers think about this are truly false . seems to bypassed some firewalls or IDS’s but at all this sites will deface only with web applications Vuln . such as NASA subdomains that defaced by Ashiyane Security Team in last year . Thanks .