21 
Membership in the Anonymous hacker collective is not without its dangers—and I don’t mean just the 25 Guys in custody. Turns out that someone slipped a Trojan into some popular Anon DDoS software and has been stealing bank info from anyone that runs it.
Slowloris is a popular, easy-to-use, distributed denial-of-service (DDoS) program named in an Anonymous-backed list of attack tools that began circulating after the Feds yanked MegaUpload. Not on the approved list, however, was the Zeus Trojan that someone conveniently implanted in Slowloris around the same time. Zeus is a malicious piece of software designed to siphon banking credentials from infected systems. And with the poisonous version of Slowloris making the rounds in the MegaUpload backlash, countless users may have unwittingly compromised their own bank accounts in their attempts to play “hacktivist.”
The exploit was discovered by Symantec. “Not only will supporters be breaking the law by participating in DoS attacks on Anonymous hacktivism targets,” Symantec wrote, “but may also be at risk of having their online banking and email credentials stolen.”
So congratulations script kiddies, I’m sure the satisfaction of knocking a few websites offline for a couple of hours in that online tantrum was totally worth opening your collective wallets to the Internet. I’m equally sure that whichever slick sumbitch that inserted the Zeus and effortlessly exploited your blind, slavering, eagerness to be part of the crowd shares your high-minded ideals about IP protection policies. [Symantec via MSNBC]
Image: Tatiana Popova / Shutterstock
What a DDoS Attack Looks Like
Accidental Bittorrent DDoS Attacks Neutralised by Updated Clients
Anonymous Wants DDoS Recognised as an Official Form of Protest
good
Gee. never saw this coming
If anything this just proves the people that could actually do serious damage, not just taking down a web page for a day at most, are out there. It’s the ones that we don’t know about that are the most dangerous. Also, it’s not that i condone their behaviour, but i’m always somewhat impressed by the hackers that do things like this. Sneaky buggers…
Conspiracy theory: symantec injected the virus after anonymous stole their code and tried to take money from them as revenge .
Boy are the members of Anonymous dumb. Script kiddies my foot: they are still wearing diapers. Right now their numbers have been reduced considerably until they install the Windows OS on their machine again. I had this battle back and forth in my mind on whether to block bit.ly in my blocking hosts file:
http://www.securemecca.com/Downloads/hosts.txt
I added the comment for you Anonymous. You convinced me all of you are dumb enough that you need that protection. But you won’t take it and you will keep getting your Windows machines infected because that is all you will use. Just search for bit.ly and the comment is right before it. I found many more bit.ly links than just the one Symantec gave and obscured. So Anonymous tipped it in favor of bit.ly being blocked. People will just have to unblock bit.ly temporarilly to get AdBlock stuffed into Chrome. The AdBlock creator just shot themselves in the foot by using a combination tracker / redirector as part of their install. Right now there is this great vortex of wind in the Anonymous camp – SUCKERS!