Slashdot Mirror

← Back to Stories (view on slashdot.org)

Anonymous Supporters Tricked Into Installing Trojan

Posted by Soulskill on from the if-you-can't-beat-'em-subsume-'em dept.

dsinc sends this quote from a Symantec report: "In 2011, dozens of Anonymous members who participated in distributed denial-of-service (DDoS) attacks in support of Anonymous hacktivism causes were arrested. In these DDoS attacks, supporters using the Low Orbit Ion Cannon denial-of-service (DoS) tool would voluntarily include their computer in a botnet for attacks in support of Anonymous. In the wake Anonymous member arrests this week, it is worth highlighting how Anonymous supporters have been deceived into installing Zeus botnet clients purportedly for the purpose of DoS attacks. The Zeus client does perform DoS attacks, but it doesn’t stop there. It also steals the users' online banking credentials, webmail credentials, and cookies. The deception of Anonymous supporters began on January 20, 2012, the day of the FBI Megaupload raid."

32 of 184 comments (clear)

  1. Not hackers? Shocking! by Anonymous Coward · · Score: 2, Insightful

    Further proof the bulk of "anonymous" are just brainless sheep on image boards.

    1. Re:Not hackers? Shocking! by arth1 · · Score: 5, Insightful

      Further proof the bulk of "anonymous" are just brainless sheep on image boards.

      Sheep? Yeah, most of them are. Much like anything popular, what you're mainly going to attract are sheep.

      Brainless? Some, sure. I saw one that had decorated her Guy Fawkes mask "to make it prettier". Um. Yeah, brainless. But I think you'll find some smart ones too, if you look hard.

      Image boards? Nothing in TFA points to that. It's easy to think of Anonymous as a bunch of 4channers, but that's not really true anymore, if it ever was. IRC and Twitter are probably more popular than image boards for those who go beyond just sniffing at Anon. Probably Facebook too for the more careless ones. But there's very little Anonymous on image boards these days.

    2. Re:Not hackers? Shocking! by YodasEvilTwin · · Score: 2

      That's exactly what they'd want us to think, arth1. Or should I say ... anon1?

  2. Jokes on them! by Anonymous Coward · · Score: 5, Funny

    Anonymous members don't have bank accounts.

    1. Re:Jokes on them! by um...+Lucas · · Score: 3, Interesting

      Or all the funds are transferred to a single account owned by some authority, who can then trace back who was participating in the ddos attacks by subpoenaing from banks the identities of all the accounts that had automated transfers made into the master account. Think fighting fire with fire.

    2. Re:Jokes on them! by X0563511 · · Score: 2

      I'm pretty sure any evidence gathered that way will be inadmissible.

      That said, that would tell them who to focus their energy on. Once they did that, I'm sure piles of legitimate evidence would start appearing.

      --
      For large sets, this will be our guide even unto death, for the LORD will work for each type of data it is applied to...
    3. Re:Jokes on them! by soundguy · · Score: 3, Funny

      Skills that are fully buzzword-compliant as opposed to coding in Cobol, manufacturing buggy whips, or operating a VCR. If you can fully actualize the cloud paradigm, you're hired!

      --
      Nothing worthwhile ever happens before noon
  3. what could go wrong? by lostsoulz · · Score: 5, Funny

    Installing software that allows a third party to orchestrate DDoS? Sounds legit...

    1. Re:what could go wrong? by Sorthum · · Score: 3, Insightful

      The circumstances surrounding this make it very hard to be sympathetic to people who get hit by it. "My banking information was compromised, and all I wanted to do was help take down the website of some entity that displeased me today" isn't really a rallying cry many people can get behind.

    2. Re:what could go wrong? by arth1 · · Score: 4, Insightful

      "My banking information was compromised, and all I wanted to do was help take down the website of some entity that displeased me today" isn't really a rallying cry many people can get behind.

      Well, no. It's too long.
      "Tits, for great justice!" is shorter.

      Who said that a battle cry has to reflect all your causes? I don't see US marines crying "to protect the dollar being usurped as de facto currency for international oil trade" either. Instead they go with a slogan they don't know what means, don't know how to pronounce, but is short and goes well with beer.

    3. Re:what could go wrong? by K.+S.+Kyosuke · · Score: 5, Interesting

      What about running it in a sandbox? It's not like a DDOS tool needs to access your files, is it?

      --
      Ezekiel 23:20
    4. Re:what could go wrong? by X0563511 · · Score: 2

      ... er, every marine I know damn well knows what it means, even if they can't say it right.

      --
      For large sets, this will be our guide even unto death, for the LORD will work for each type of data it is applied to...
    5. Re:what could go wrong? by icebraining · · Score: 3, Informative

      If you know enough to use a sandbox, you shouldn't be using LOIC to DoS a webserver anyway, since it's not effective. Something that works at the HTTP level (like Slowloris for Apache servers) will be way more effective.

      --
      Dilbert RSS feed
    6. Re:what could go wrong? by icebraining · · Score: 2

      Anonymous started out by raiding forums for epileptics and posting images designed to trigger seizures.

      Being for or against Anonymous is meaningless. They're not a group with a purpose and a manifesto, they'll do whatever the random group of people who call themselves Anonymous that day will want to do.

      --
      Dilbert RSS feed
    7. Re:what could go wrong? by icebraining · · Score: 3, Funny

      Because one can easily recognize their own kind?

      --
      Dilbert RSS feed
  4. Re:Reminds me of prohibition by Sevalecan · · Score: 2

    It would not surprise me if they are doing the same to make Anonymous look like evil crackers and criminals.

    Anonymous does a pretty good job of that themselves, if you ask me.

  5. They don't need them by Viol8 · · Score: 5, Funny

    The pocket money they get from mummy and daddy doesn't make it worth while.

  6. Re:Reminds me of prohibition by abigsmurf · · Score: 5, Funny

    Yeah, screw the government.

    Just the other day, I learnt that the awful smell of natural gas is actually because of something they add to gas and that it wouldn't smell if they didn't have it! Now, whenever my pilot light goes off or I don't quite turn the oven off, my house absolutely stinks! The smell's so bad that last time it happened, when I wanted to smoke, I had to go outside, and get well away from the house to escape the smell!

    Why can't the government accept that not everyone uses these so called 'dangerous substances' like they seem to think they should be used?

  7. FBI? by Black+Parrot · · Score: 5, Insightful

    The summary and TFA seem to hint that this is an FBI sting, but the details don't seem to support that.

    Maybe more will come out about it later.

    --
    Sheesh, evil *and* a jerk. -- Jade
  8. DDoS'ing is comparable to a mafia hit by AlphaWolf_HK · · Score: 3, Interesting

    Seriously, the only purpose of a DDoS is to prevent somebody from being able to speak. I'm a huge advocate of freedom of speech, I love it when everybody is able to say whatever they want to say, and that includes people I don't like. I hate the MPAA/RIAA as much as anybody, but I want them to be able to say what they say. Websites are a form of speech, regardless of whether their purpose is to sell goods or to issue propaganda.

    When you shut down those websites (like anonymous tried to do with the vatican) you are no better than the mafia; just trying to shut somebody up for the sole purpose that you don't like them. To these people, freedom of speech is good but only when they agree with the person who is speaking. That is just fucked up and goes against everything our democracy stands for; so I say fuck anonymous. If they want to spread the truth about the bad things that an organization does (like they did with scientology,) that is perfectly acceptable, but shutting them up is not.

    To me this is poetic justice. No, I don't like to see people getting their identity stolen, but participating in inhibiting somebody else's ability to speak is just bad form, and I hope they get prosecuted to the fullest extent of the law.

    --
    Careful with names containing L slashdot.org/~AiphaWolf_HK slashdot.org/~AlphaWoif_HK slashdot.org/~AiphaWoif_HK
    1. Re:DDoS'ing is comparable to a mafia hit by Anonymous Coward · · Score: 4, Interesting

      Picket Brick'N'Mortar store or DDOS OnlineStore.com... what speech is being halted? Either can still speak out (Press releases, backup location/sites, etc). The price is business lost, customers frustrated that shop elsewhere, bad press, etc

      You CAN stifle speech via DDOS, but to say it's the ONLY reason for doing it? that's a bit short sighted to say the least. Ignoring the forest for the tree you've focused on.

    2. Re:DDoS'ing is comparable to a mafia hit by nstlgc · · Score: 3, Insightful

      The only purpose of a DDoS is to prevent somebody from being able to speak? Seriously? As far as I can tell they serve mostly a symbolic meaning. DDoS'ing visa.com will not silence Visa. DDoS'ing the site of Interpol will do nothing that hinders the working of Interpol in any way. Or do you actually believe that shutting down the Vatican website will mute the Vatican? No, I didn't think so either. But it makes for a great strawman argument, doesn't it?

      Of course, DDoS *could* be used to silence someone who's only way of speaking out is through a narrow band on the Internet. And it probably is, too. But not in these cases.

      --
      I'm Rocco. I'm the +5 Funny man.
    3. Re:DDoS'ing is comparable to a mafia hit by xyzzyman · · Score: 3, Insightful

      If you picket Walmart, you aren't physically stopping others from shopping there as they normally would. If you DDOS Walmart.com, you are stopping people from shopping there.

    4. Re:DDoS'ing is comparable to a mafia hit by AlphaWolf_HK · · Score: 2

      The price is business lost, customers frustrated that shop elsewhere, bad press, etc

      So in other words, it is up to you to tell their customers where they are and are not allowed to shop? If not by kicking their customers out of their store, then by forcing them out of business simply because you disagree with them? That sounds a bit arrogant, and is certainly not in the spirit of freedom.

      When godaddy supported SOPA, they didn't deserve to be DDoS'ed (and as far as I am aware, they weren't) however their customers are free to do business with somebody else. That is democracy; forcing them out of business is not.

      --
      Careful with names containing L slashdot.org/~AiphaWolf_HK slashdot.org/~AlphaWoif_HK slashdot.org/~AiphaWoif_HK
  9. HOW? by Iceykitsune · · Score: 2, Informative

    And this, people, is why you should only download software from the devs website.

    --
    GENERATION 24: The first time you see this, copy it into your sig on any forum and add 1 to the generation. Social exper
  10. It simply shows... by wbr1 · · Score: 2, Interesting

    That Anonymous does not have any moral ground to stand on. Sure they may fight the man, but they'll have no compunction about robbing you blind either. That's not Robin Hood its street punk gangsta with a computer.

    --
    Silence is a state of mime.
    1. Re:It simply shows... by Anonymous Coward · · Score: 2, Interesting

      How exactly does this show 'Anonymous' has no moral high ground to stand on? There is no they. It isn't a group with a specific set of ideas or 'morals'. There is no leader. Participants come and go as they please and even contradict each other. Some may participate in attacks against the government while others participate in attacks in favour of the government. Some may reject attacks alltogether.

    2. Re:It simply shows... by MindPrison · · Score: 2

      There's a difference between Hackers and Crackers...

      In Anonymous there's probably 4-5 hackers, and 20+ crackers, 1000+ script kiddies + 10.000 fanboys.

      --
      What this world is coming to - is for you and me to decide.
    3. Re:It simply shows... by sociocapitalist · · Score: 4, Insightful

      If I understood TFA correctly, the trojan was not distributed by Anonymous but by others who basically hijacked the distro, redirecting the wannabee DDOSers to another executable which contained the trojan.

      --
      blindly antisocialist = antisocial
  11. Re:So let me see if I understand this: by Tommy+Bologna · · Score: 3, Funny

    No, you're supposed to sit back, condescend, and radiate a false sense of superiority. You're right on track. Keep it up.

  12. Re:Reminds me of prohibition by tragedy · · Score: 3, Informative

    The difference being that adding a scent to natural gas saves lives, but adding poison to industrial alcohol definitely kills people. At least tens of thousands of people died from alcohol the government intentionally poisoned during prohibition. The government's position, of course, was that it was entirely the fault of the bootleggers who distilled that alcohol for human consumption and of the people who drank it. The reality is that it was a terror campaign run by the US government and the fact that those who died were breaking the law doesn't in any way excuse it.

  13. Re:Reminds me of prohibition by tragedy · · Score: 4, Informative

    No it was poisonous, industrial alcohol has always needed to be poisoned to be legal they just changed the ingredients of this poison to stop people getting around it.

    Your statement is self-contradictory. You claim that the industrial ethanol was somehow magically poisonous despite the fact that, as you admit, it was only poisonous in order to kill people who tried to drink it. Now, some industrial alcohol did need more distillation to be safer for consumption while other industrial alcohol conversely was contaminated with benzene (although in pretty much safe trace amounts) from the extreme distillation process it had been through (to remove all the water). None of it was toxic on anything like the levels it became toxic after the poisoning program. Also, that "always needed to be poisoned" scenario you mention isn't really true. That program started during prohibition.

    You said that "they did not add poison to kill people, they added it to make it not drinkable". The reason that it wasn't drinkable after the poison was added was because it killed people. The poison was a terror weapon designed to terrify people away from bootlegged alcohol for fear that they would die. To accomplish this goal, the poisoners were deliberately killing people.

    I believe you that at no point were they trying to _secretly_ poison prohibition criminals. It wasn't much of a secret, they were reasonably up front about it. They did keep the information on the constantly changing mixture of poisons they were using secret so as to present a moving target to the chemists working for the bootleggers, however. The obvious consequence of this is that the bootleggers would be selling safe alcohol made from industrial alcohol one day and the next batch would be poisonous. You can claim that the poisoners were just naive innocents. I think that's unlikely, but even if it's true, it still makes them guilty of manslaughter.