A hacker affiliated with the Anonymous collective is said to have taken control of the website belonging to the Russian Space Research Institute (IKI), leaking confidential files belonging to the Russian space agency Roscosmos in the process.
Anonymous confirmed the attack on Thursday afternoon, attributing it to a hacker known as v0g3lSec and posting evidence of the breach, which displayed a message on the website’s subdomain demanding that Russia “leave Ukraine alone”.
The IKI website subdomain has since been taken offline, although the official home page is still accessible as of the time of writing.
In a pinned Twitter post, v0g3lSec shared access to Russia’s lunar missions files, obtained through a brute-force attack on a private service hosted by Roscosmos. In an update on Friday morning, they stated that “more leaks” would be “coming soon”.
The hacker told Vice Motherboard that the Roscosmos files were only protected by a weak username and password login:
“All i did was bruteforcing [sic] the password while keeping the username as ‘admin’.. as they were using a weak password, it didnt take much time for me to get the password,” they said in a written statement.
The attack comes days after Roscosmos head Dmitry Rogozin warned that any attempt to disable Russia’s satellite system, which is being used to aid Russian military action in Ukraine, “is generally a casus belli, that is, a reason to go to war”.
“I want to warn everyone who tries to do it that it is essentially a crime, which should be toughly punished,” he told a Russian TV channel, according to the country’s news agency Interfax.
Modernise your server infrastructure for speed and security
Infrastructure lifecycle automation paves the way for an adaptive, resilient organisation
The statement came after Anonymous claimed to have hacked Roscosmos satellites on Monday as part of their organised effort against Russia.
“The WSO2 was deleted, credentials were rotated and the server is shut down … Have a nice Monday fixing your spying tech. Glory to Ukraine,” Anonymous said.
On Thursday, UK government-backed OneWeb suspended its plans to launch 36 broadband satellites from a Russian-operated spaceport in Kazakhstan, in a mission that was to be overseen by Roscosmos. The Russian space agency previously demanded that the UK government sell its 20% stake in OneWeb that it purchased in 2020.
