Security Experts:

Trolled by Anonymous - NASA's Mars Rover is Not a Target

Last week, an Anon looking for lulz blasted a message into several rooms at once, most of those who seen the message laughed and moved on with their day. However, someone didn’t, and instead a news story appeared that – if anything – proves that the name Anonymous can be used to give even the most outlandish claims a spotlight.

Anonymous Mars Rover

On Thursday (August 9), at 15:06 EST, an Anon on IRC altered his name and changed it to MarsCuriosity in order to deliver the following message to several channels at once (message left uncorrected from channel logs):

[15:06] Anyone in Madrid, Spain or Canbarra who can help isolate the huge control signal used for the Mars Odyssey / Curiosity system please? The cypher and hopping is a standard mode, just need base frequency and recordings/feed of the huge signal going out. (yes we can spoof it both directions!)

The message was a weak attempt to troll at best. Trolling within Anonymous art form and it’s used for amusement mainly. The Rover request was viewed as an obvious troll, one that attempted to target the gullible. This is given, especially to the others that SecurityWeek spoke to, as most of those on AnonOps at the time had neither the skill nor patience to target NASA’s communications systems.

However, someone took the bait. An Open Source Intelligence firm, Flashpoint Partners, warned customers of the proposed operation in an email alert.

According to Flashpoint’s marketing material, their customers receive daily stream of “Open Source wires on hacker tactics, techniques, and targets, affording unrivaled insight into the operations of these threat actors.”

They single out Anonymous directly within their marketing page, outlining their preferences for operating systems, and various tools for SQL Injection, DDoS, network mapping, and network penetration. This insight comes from their analysts who “have deep experience inside hacker communities and comprehensively monitor the private online channels where they operate.”

“With this real time access to hacker planning cycles, Flashpoint knows which targets are being discussed and which are being attacked,” the marketing page continues.

It’s interesting to note that this firm's marketing centers on Anonymous, while the publically available reports on cyberterrorism focus on Islamic extremists and Web-based Jihad. Unfortunately, this real-time access and deep experience doesn’t seem to grasp the culture of Anonymous. So in their rush to share information, Flashpoint became the victim of a random act of trolling.

The Hacker Intelligence Wire, Flashpoint’s service that reported on the alleged Anon operation to target NASA, did point out that it could be a hoax.

As told to PC Magazine, who reported on Flashpoint’s alert, co-founder Josh Lefkowitz said the name used by the Anon may be a one-off “created and used specifically for the proposed operation.”

“The unknown actor may or may not be a member of good standing within the Anonymous collective... There's even the possibility that the poster is an anti-Anonymous actor or member of law enforcement seeking to draw out actual members of the collective.”

The claims that Anonymous would want to attack NASA stir thoughts of another outlandish hacking claim.

In 2011, Bloomberg reported on a briefing from the U.S.-China Economic and Security Review Commission, which claimed that in 2007 and 2008 China had gone through a ground station in Norway to hack two satellites used for climate and terrain observation.

The report was never fully vetted. NASA denied the incident in a statement, so did China. Even a member of the commission itself said that they were not sure if in fact China was behind the reported incidents. In fact, the hacking claim itself was based on what NASA called “two suspicious events.”

“NASA experienced two suspicious events with the Terra spacecraft in the summer and fall of 2008. There was no manipulation of data, no commands successfully sent to the satellite, and no data captured,” a statement explains.

Again, there was no planned attack on NASA by Anonymous. This incident just goes to show that the name Anonymous can easily be used to invoke a public response to just about anything. Unfortunately, those trolling public chats will use this for fun from time to time, thus we hear stories that Anonymous is attempting to drive the Rover on Mars.

RelatedAnonymous Targets Australian Spy Agency

RelatedFinFisher "Lawful Interception" Spyware Found in Ten Countries

Related: Anonymous Targets Formula 1 With DDoS Attacks in #OpBahrain

Steve Ragan is a security reporter and contributor for SecurityWeek. Prior to joining the journalism world in 2005, he spent 15 years as a freelance IT contractor focused on endpoint security and security training.