
Hackers target ESA’s official web shop

The European Space Agency’s official web shop recently fell victim to a cyberattack that exposed customer payment card information during the checkout process. Hackers injected malicious JavaScript code into the site, generating a fake Stripe payment page that tricked buyers into entering their sensitive data. The online store, known for selling ESA merchandise, is currently unavailable and displays a notice that it is “temporarily out of orbit.” E-commerce security company Sansec identified the malicious script responsible for collecting customer payment card details.

Investigations revealed that the script created a convincing fraudulent page, presenting itself as part of the official site. The attack was carried out using domain spoofing, with hackers leveraging a similar domain name to the legitimate store. While the official ESA shop operates under the “esaspaceshop.com” domain, the attacker utilized a variant with a .pics TLD (esaspaceshop[.]pics), a tactic that could easily mislead customers.
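The lookalike-domain pattern described above can be checked for on the defender's side. The following sketch is an added example, not code from Sansec or ESA: it scans page markup for resource URLs whose host reuses the shop's name under a different TLD. The function names, the sample markup and its paths are assumptions made for illustration.

```javascript
// Added example: flag URLs in a page whose host reuses the shop's name under another TLD.
const LEGIT_HOST = "esaspaceshop.com";                       // legitimate domain from the article
const LOOKALIKE = "esaspaceshop[.]pics".replace("[.]", "."); // refanged only for the test input

// Label directly left of the TLD ("esaspaceshop" for "www.esaspaceshop.com").
// Assumption: the last label is the TLD; suffixes like co.uk need a public-suffix list.
function brandLabel(host) {
  const labels = host.toLowerCase().replace(/\.$/, "").split(".");
  return labels.length >= 2 ? labels[labels.length - 2] : labels[0];
}

// Collect src/href/action attribute values from markup (a regex is enough for triage).
function extractUrls(html) {
  const re = /\b(?:src|href|action)\s*=\s*["']([^"']+)["']/gi;
  const urls = [];
  let m;
  while ((m = re.exec(html)) !== null) urls.push(m[1]);
  return urls;
}

function findLookalikes(html, legitHost = LEGIT_HOST) {
  const brand = brandLabel(legitHost);
  const findings = [];
  for (const raw of extractUrls(html)) {
    let host;
    try {
      host = new URL(raw, `https://${legitHost}/`).hostname; // resolves relative and // URLs
    } catch {
      continue; // not a parseable URL
    }
    if (host === legitHost || host.endsWith("." + legitHost)) continue; // first party
    if (brandLabel(host) === brand) findings.push({ url: raw, host });
  }
  return findings;
}

// Constructed sample page; the subdomain and paths are invented for illustration.
const SAMPLE_HTML = `
<script src="/static/app.js"></script>
<script src="https://cdn.esaspaceshop.com/theme.js"></script>
<script src="https://js.stripe.com/v3/"></script>
<script src="//${LOOKALIKE}/assets/checkout.js"></script>
<form action="https://${LOOKALIKE}/pay"></form>`;

console.log(findLookalikes(SAMPLE_HTML));
```

A check like this only catches same-name, different-TLD hosts; a Content Security Policy that allowlists script and form destinations covers the general case.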

The European Space Agency, which operates with a budget exceeding 10 billion euros, focuses on advancing space exploration by training astronauts and developing rockets and satellites. However, this security breach poses risks not only to customers but also to ESA employees, given the interconnected nature of its systems.

Hackers breach ESA’s web shop

As the investigation continues, concerns remain regarding the extent of the data accessed and the potential implications for those whose payment information may have been compromised. The malicious script’s use of obfuscated HTML code from the legitimate Stripe SDK adds another layer of complexity to the incident. Customers who have previously made purchases through the ESA web shop are advised to monitor their payment card statements for any unauthorized transactions.

It remains unclear how many individuals may have been affected by the breach, and ESA has not yet released detailed information on the number of potentially impacted customers. The agency has yet to comment publicly on the breach or outline the steps it will take to enhance security moving forward. Stripe, a widely used online payment processing platform, will likely be involved in the ongoing evaluations to help mitigate future risks.

This incident underscores the need for heightened awareness and security measures among online shoppers, particularly concerning sensitive financial transactions. As more details emerge, the full impact of this cyberattack on the European Space Agency’s web shop and its customers will become clearer.
