Slashdot Mirror

← Back to Stories (view on slashdot.org)

Anonymous Supporters Tricked Into Installing Trojan

Posted by Soulskill on from the if-you-can't-beat-'em-subsume-'em dept.

dsinc sends this quote from a Symantec report: "In 2011, dozens of Anonymous members who participated in distributed denial-of-service (DDoS) attacks in support of Anonymous hacktivism causes were arrested. In these DDoS attacks, supporters using the Low Orbit Ion Cannon denial-of-service (DoS) tool would voluntarily include their computer in a botnet for attacks in support of Anonymous. In the wake Anonymous member arrests this week, it is worth highlighting how Anonymous supporters have been deceived into installing Zeus botnet clients purportedly for the purpose of DoS attacks. The Zeus client does perform DoS attacks, but it doesn’t stop there. It also steals the users' online banking credentials, webmail credentials, and cookies. The deception of Anonymous supporters began on January 20, 2012, the day of the FBI Megaupload raid."

21 of 184 comments (clear)

  1. Jokes on them! by Anonymous Coward · · Score: 5, Funny

    Anonymous members don't have bank accounts.

    1. Re:Jokes on them! by um...+Lucas · · Score: 3, Interesting

      Or all the funds are transferred to a single account owned by some authority, who can then trace back who was participating in the ddos attacks by subpoenaing from banks the identities of all the accounts that had automated transfers made into the master account. Think fighting fire with fire.

    2. Re:Jokes on them! by soundguy · · Score: 3, Funny

      Skills that are fully buzzword-compliant as opposed to coding in Cobol, manufacturing buggy whips, or operating a VCR. If you can fully actualize the cloud paradigm, you're hired!

      --
      Nothing worthwhile ever happens before noon
  2. what could go wrong? by lostsoulz · · Score: 5, Funny

    Installing software that allows a third party to orchestrate DDoS? Sounds legit...

    1. Re:what could go wrong? by Sorthum · · Score: 3, Insightful

      The circumstances surrounding this make it very hard to be sympathetic to people who get hit by it. "My banking information was compromised, and all I wanted to do was help take down the website of some entity that displeased me today" isn't really a rallying cry many people can get behind.

    2. Re:what could go wrong? by arth1 · · Score: 4, Insightful

      "My banking information was compromised, and all I wanted to do was help take down the website of some entity that displeased me today" isn't really a rallying cry many people can get behind.

      Well, no. It's too long.
      "Tits, for great justice!" is shorter.

      Who said that a battle cry has to reflect all your causes? I don't see US marines crying "to protect the dollar being usurped as de facto currency for international oil trade" either. Instead they go with a slogan they don't know what means, don't know how to pronounce, but is short and goes well with beer.

    3. Re:what could go wrong? by K.+S.+Kyosuke · · Score: 5, Interesting

      What about running it in a sandbox? It's not like a DDOS tool needs to access your files, is it?

      --
      Ezekiel 23:20
    4. Re:what could go wrong? by icebraining · · Score: 3, Informative

      If you know enough to use a sandbox, you shouldn't be using LOIC to DoS a webserver anyway, since it's not effective. Something that works at the HTTP level (like Slowloris for Apache servers) will be way more effective.

      --
      Dilbert RSS feed
    5. Re:what could go wrong? by icebraining · · Score: 3, Funny

      Because one can easily recognize their own kind?

      --
      Dilbert RSS feed
  3. Re:Not hackers? Shocking! by arth1 · · Score: 5, Insightful

    Further proof the bulk of "anonymous" are just brainless sheep on image boards.

    Sheep? Yeah, most of them are. Much like anything popular, what you're mainly going to attract are sheep.

    Brainless? Some, sure. I saw one that had decorated her Guy Fawkes mask "to make it prettier". Um. Yeah, brainless. But I think you'll find some smart ones too, if you look hard.

    Image boards? Nothing in TFA points to that. It's easy to think of Anonymous as a bunch of 4channers, but that's not really true anymore, if it ever was. IRC and Twitter are probably more popular than image boards for those who go beyond just sniffing at Anon. Probably Facebook too for the more careless ones. But there's very little Anonymous on image boards these days.

  4. They don't need them by Viol8 · · Score: 5, Funny

    The pocket money they get from mummy and daddy doesn't make it worth while.

  5. Re:Reminds me of prohibition by abigsmurf · · Score: 5, Funny

    Yeah, screw the government.

    Just the other day, I learnt that the awful smell of natural gas is actually because of something they add to gas and that it wouldn't smell if they didn't have it! Now, whenever my pilot light goes off or I don't quite turn the oven off, my house absolutely stinks! The smell's so bad that last time it happened, when I wanted to smoke, I had to go outside, and get well away from the house to escape the smell!

    Why can't the government accept that not everyone uses these so called 'dangerous substances' like they seem to think they should be used?

  6. FBI? by Black+Parrot · · Score: 5, Insightful

    The summary and TFA seem to hint that this is an FBI sting, but the details don't seem to support that.

    Maybe more will come out about it later.

    --
    Sheesh, evil *and* a jerk. -- Jade
  7. DDoS'ing is comparable to a mafia hit by AlphaWolf_HK · · Score: 3, Interesting

    Seriously, the only purpose of a DDoS is to prevent somebody from being able to speak. I'm a huge advocate of freedom of speech, I love it when everybody is able to say whatever they want to say, and that includes people I don't like. I hate the MPAA/RIAA as much as anybody, but I want them to be able to say what they say. Websites are a form of speech, regardless of whether their purpose is to sell goods or to issue propaganda.

    When you shut down those websites (like anonymous tried to do with the vatican) you are no better than the mafia; just trying to shut somebody up for the sole purpose that you don't like them. To these people, freedom of speech is good but only when they agree with the person who is speaking. That is just fucked up and goes against everything our democracy stands for; so I say fuck anonymous. If they want to spread the truth about the bad things that an organization does (like they did with scientology,) that is perfectly acceptable, but shutting them up is not.

    To me this is poetic justice. No, I don't like to see people getting their identity stolen, but participating in inhibiting somebody else's ability to speak is just bad form, and I hope they get prosecuted to the fullest extent of the law.

    --
    Careful with names containing L slashdot.org/~AiphaWolf_HK slashdot.org/~AlphaWoif_HK slashdot.org/~AiphaWoif_HK
    1. Re:DDoS'ing is comparable to a mafia hit by Anonymous Coward · · Score: 4, Interesting

      Picket Brick'N'Mortar store or DDOS OnlineStore.com... what speech is being halted? Either can still speak out (Press releases, backup location/sites, etc). The price is business lost, customers frustrated that shop elsewhere, bad press, etc

      You CAN stifle speech via DDOS, but to say it's the ONLY reason for doing it? that's a bit short sighted to say the least. Ignoring the forest for the tree you've focused on.

    2. Re:DDoS'ing is comparable to a mafia hit by nstlgc · · Score: 3, Insightful

      The only purpose of a DDoS is to prevent somebody from being able to speak? Seriously? As far as I can tell they serve mostly a symbolic meaning. DDoS'ing visa.com will not silence Visa. DDoS'ing the site of Interpol will do nothing that hinders the working of Interpol in any way. Or do you actually believe that shutting down the Vatican website will mute the Vatican? No, I didn't think so either. But it makes for a great strawman argument, doesn't it?

      Of course, DDoS *could* be used to silence someone who's only way of speaking out is through a narrow band on the Internet. And it probably is, too. But not in these cases.

      --
      I'm Rocco. I'm the +5 Funny man.
    3. Re:DDoS'ing is comparable to a mafia hit by xyzzyman · · Score: 3, Insightful

      If you picket Walmart, you aren't physically stopping others from shopping there as they normally would. If you DDOS Walmart.com, you are stopping people from shopping there.

  8. Re:It simply shows... by sociocapitalist · · Score: 4, Insightful

    If I understood TFA correctly, the trojan was not distributed by Anonymous but by others who basically hijacked the distro, redirecting the wannabee DDOSers to another executable which contained the trojan.

    --
    blindly antisocialist = antisocial
  9. Re:So let me see if I understand this: by Tommy+Bologna · · Score: 3, Funny

    No, you're supposed to sit back, condescend, and radiate a false sense of superiority. You're right on track. Keep it up.

  10. Re:Reminds me of prohibition by tragedy · · Score: 3, Informative

    The difference being that adding a scent to natural gas saves lives, but adding poison to industrial alcohol definitely kills people. At least tens of thousands of people died from alcohol the government intentionally poisoned during prohibition. The government's position, of course, was that it was entirely the fault of the bootleggers who distilled that alcohol for human consumption and of the people who drank it. The reality is that it was a terror campaign run by the US government and the fact that those who died were breaking the law doesn't in any way excuse it.

  11. Re:Reminds me of prohibition by tragedy · · Score: 4, Informative

    No it was poisonous, industrial alcohol has always needed to be poisoned to be legal they just changed the ingredients of this poison to stop people getting around it.

    Your statement is self-contradictory. You claim that the industrial ethanol was somehow magically poisonous despite the fact that, as you admit, it was only poisonous in order to kill people who tried to drink it. Now, some industrial alcohol did need more distillation to be safer for consumption while other industrial alcohol conversely was contaminated with benzene (although in pretty much safe trace amounts) from the extreme distillation process it had been through (to remove all the water). None of it was toxic on anything like the levels it became toxic after the poisoning program. Also, that "always needed to be poisoned" scenario you mention isn't really true. That program started during prohibition.

    You said that "they did not add poison to kill people, they added it to make it not drinkable". The reason that it wasn't drinkable after the poison was added was because it killed people. The poison was a terror weapon designed to terrify people away from bootlegged alcohol for fear that they would die. To accomplish this goal, the poisoners were deliberately killing people.

    I believe you that at no point were they trying to _secretly_ poison prohibition criminals. It wasn't much of a secret, they were reasonably up front about it. They did keep the information on the constantly changing mixture of poisons they were using secret so as to present a moving target to the chemists working for the bootleggers, however. The obvious consequence of this is that the bootleggers would be selling safe alcohol made from industrial alcohol one day and the next batch would be poisonous. You can claim that the poisoners were just naive innocents. I think that's unlikely, but even if it's true, it still makes them guilty of manslaughter.