The site, belonging to NASA's Geostationary Operational Environmental Satellite (GOES) Project, was taken over by a well-known group of Brazilian hackers known as Prime Suspectz.
The Web site was powered by Microsoft's Web serving software Internet Information Server (IIS) 4.0 and its NT operating system.
Paul Rogers, security with MIS corporate defence solutions, says that hackers who took control of the Web site are likely to have exploited well-known vulnerabilities in the Microsoft Internet Information Server Unicode translation. This easy to use exploit, which allows a hacker to take control of a server through a browser, has been used to deface numerous Web sites, says Rogers.
Rogers adds that the attack is indicative of the number of exploits found in ISS. "There are bucket loads [of exploits], he says. "I would have thought that NASA would be pretty hot at patching their machines though."
A spokesman from Alldas.de, a German Web site that logs site defacements also said that the Unicode exploit was a likely explanation. "There are so many exploits. It is usually quite easy," the representative said.
Microsoft, in fact, recently revealed details of another flaw in IIS, allowing malicious computer attackers to crash the Web server.
