Forgot your password?
typodupeerror
Botnet Security

Anonymous Supporters Tricked Into Installing Trojan 184

Posted by Soulskill
from the if-you-can't-beat-'em-subsume-'em dept.
dsinc sends this quote from a Symantec report: "In 2011, dozens of Anonymous members who participated in distributed denial-of-service (DDoS) attacks in support of Anonymous hacktivism causes were arrested. In these DDoS attacks, supporters using the Low Orbit Ion Cannon denial-of-service (DoS) tool would voluntarily include their computer in a botnet for attacks in support of Anonymous. In the wake Anonymous member arrests this week, it is worth highlighting how Anonymous supporters have been deceived into installing Zeus botnet clients purportedly for the purpose of DoS attacks. The Zeus client does perform DoS attacks, but it doesn’t stop there. It also steals the users' online banking credentials, webmail credentials, and cookies. The deception of Anonymous supporters began on January 20, 2012, the day of the FBI Megaupload raid."
This discussion has been archived. No new comments can be posted.

Anonymous Supporters Tricked Into Installing Trojan

Comments Filter:
  • by Anonymous Coward

    Further proof the bulk of "anonymous" are just brainless sheep on image boards.

    • by arth1 (260657) on Saturday March 03, 2012 @05:04PM (#39233743) Homepage Journal

      Further proof the bulk of "anonymous" are just brainless sheep on image boards.

      Sheep? Yeah, most of them are. Much like anything popular, what you're mainly going to attract are sheep.

      Brainless? Some, sure. I saw one that had decorated her Guy Fawkes mask "to make it prettier". Um. Yeah, brainless. But I think you'll find some smart ones too, if you look hard.

      Image boards? Nothing in TFA points to that. It's easy to think of Anonymous as a bunch of 4channers, but that's not really true anymore, if it ever was. IRC and Twitter are probably more popular than image boards for those who go beyond just sniffing at Anon. Probably Facebook too for the more careless ones. But there's very little Anonymous on image boards these days.

      • That's exactly what they'd want us to think, arth1. Or should I say ... anon1?
        • You don't get anything done on a public imageboard, unless that thing you're trying to do is posting porn/shock and gore/kittens/stupid image macros. Any serious organization is done in IRC or elsewhere. I took part in the RL protests against Scientology, but I'm not particularly interested in joining along in DDOSing large organizations with lots of lawyers.
  • by Anonymous Coward on Saturday March 03, 2012 @04:56PM (#39233655)

    Anonymous members don't have bank accounts.

  • by lostsoulz (1631651) on Saturday March 03, 2012 @04:57PM (#39233671)

    Installing software that allows a third party to orchestrate DDoS? Sounds legit...

    • Re: (Score:3, Insightful)

      by Sorthum (123064)

      The circumstances surrounding this make it very hard to be sympathetic to people who get hit by it. "My banking information was compromised, and all I wanted to do was help take down the website of some entity that displeased me today" isn't really a rallying cry many people can get behind.

      • by arth1 (260657) on Saturday March 03, 2012 @05:11PM (#39233793) Homepage Journal

        "My banking information was compromised, and all I wanted to do was help take down the website of some entity that displeased me today" isn't really a rallying cry many people can get behind.

        Well, no. It's too long.
        "Tits, for great justice!" is shorter.

        Who said that a battle cry has to reflect all your causes? I don't see US marines crying "to protect the dollar being usurped as de facto currency for international oil trade" either. Instead they go with a slogan they don't know what means, don't know how to pronounce, but is short and goes well with beer.

        • by X0563511 (793323)

          ... er, every marine I know damn well knows what it means, even if they can't say it right.

        • by rssrss (686344)

          "Tits, for great justice!" is shorter.

          Annonymous will never be able to use that one.

        • Instead they go with a slogan they don't know what means, don't know how to pronounce, but is short and goes well with beer.

          Apparently you can be bigoted (as long as it is against soldiers), and still get a +5 here on slashdot. Well done.

      • by rtb61 (674572)

        Sorry, but, my machine was compromised, end of story. Once it has been established the machine was compromised the owner of the machine is now guilty of nothing done by that machine.

        The fact that the machine is compromised breaks the 'guilty beyond reasonable doubt'. All the evidence on that machine is now questionable. In fact the only evidence on the machine that is valid is the existence of a Trojan, the perfect 'ALIBI'.

        So in this case, some amateur online activists will have been saved by their own

    • by K. S. Kyosuke (729550) on Saturday March 03, 2012 @05:35PM (#39233937)
      What about running it in a sandbox? It's not like a DDOS tool needs to access your files, is it?
      • by X0563511 (793323)

        Smart idea on several levels. Make a tiny VM, and if your spidey-sense tingles, shred the disk file.

        • by Anonymous Coward

          Even better...

          1) Install DDOS trojan on an old pc you have laying around;
          2) Packet away at $enemy_of_the_day!
          3) When/if the police come knocking at your door, play dumb (i.e. plausible deniability) and show them your malware-ridden old pc (for bonus points, install Antivirus2013 and friends, just to make the malware infection seem obvious)
          4) ???
          5) PROFIT! (or, at least, not jail)

          I'm actually surprised Anonymous hasn't come up with something like this before...

          • by tsotha (720379)

            for bonus points, install Antivirus2013 and friends, just to make the malware infection seem obvious

            And it has the added effect of delaying any action by the cops for at least a week while they try to boot it up.

      • by icebraining (1313345) on Saturday March 03, 2012 @08:46PM (#39235055) Homepage

        If you know enough to use a sandbox, you shouldn't be using LOIC to DoS a webserver anyway, since it's not effective. Something that works at the HTTP level (like Slowloris [wikipedia.org] for Apache servers) will be way more effective.

    • by Shavano (2541114)

      It's gratifying to see one of my dark predictions realized even if it does mean that a lot of morons got ripped off.

    • by memnock (466995)

      Initially I supported Anonymous. It seemed like they were actually a group that stood up to organizations that abused power.

      However, it seems that some of the "members " of Anonymous have taken to abusing the power they themselves accumulated. Perhaps there are still people in that group who would rather crack FBI and intelligence company sites to upset their operations, but those divergent members who are using the Anonymous abilities and name to commit crimes against supporters are making Anonymous as a w

      • Anonymous started out by raiding forums for epileptics and posting images designed to trigger seizures.

        Being for or against Anonymous is meaningless. They're not a group with a purpose and a manifesto, they'll do whatever the random group of people who call themselves Anonymous that day will want to do.

      • Well, whoever rose up to wield any significant amount of power learned also to steer their potential opposition to harmless or self-destructing activities. It is not like a game of chess, it is like checkers, a banal move to do, the "panem et circenses" way, or the "emmanuel goldstein"way.

        You feel like you have to deal with tattoos, drugs, loud music, DDoS, fight with police, and be a loner to be against the system? Doesn't all that make you easier to be sorted out from the "ordinary sheep" instead?

  • Time for the sheep to be sheared....

  • by Anonymous Coward

    We are supposed to feel bad for these guys that were attempting to engage in premeditated malicious behavior, and in doing so they ended up getting robbed by someone else that took advantage of their stupidity?

    It sounds like your basic con: Person #1 offers something Person #2 wants at a great deal. Person #2 is really greedy, and tries to trick Person #1 into a deal where Person #1 is at a disadvantage. Person #1 agrees to this as Person #1 was never at a disadvantage and Person #2 would have lost regardle

    • Re: (Score:3, Funny)

      No, you're supposed to sit back, condescend, and radiate a false sense of superiority. You're right on track. Keep it up.
  • FBI? (Score:5, Insightful)

    by Black Parrot (19622) on Saturday March 03, 2012 @05:18PM (#39233849)

    The summary and TFA seem to hint that this is an FBI sting, but the details don't seem to support that.

    Maybe more will come out about it later.

    • by Spykk (823586)
      It sounds like plausible deniability to me. "I didn't DDOS that bank, it must have been that crazy Zeus trojan I got somehow!"
  • by AlphaWolf_HK (692722) on Saturday March 03, 2012 @05:28PM (#39233899)

    Seriously, the only purpose of a DDoS is to prevent somebody from being able to speak. I'm a huge advocate of freedom of speech, I love it when everybody is able to say whatever they want to say, and that includes people I don't like. I hate the MPAA/RIAA as much as anybody, but I want them to be able to say what they say. Websites are a form of speech, regardless of whether their purpose is to sell goods or to issue propaganda.

    When you shut down those websites (like anonymous tried to do with the vatican) you are no better than the mafia; just trying to shut somebody up for the sole purpose that you don't like them. To these people, freedom of speech is good but only when they agree with the person who is speaking. That is just fucked up and goes against everything our democracy stands for; so I say fuck anonymous. If they want to spread the truth about the bad things that an organization does (like they did with scientology,) that is perfectly acceptable, but shutting them up is not.

    To me this is poetic justice. No, I don't like to see people getting their identity stolen, but participating in inhibiting somebody else's ability to speak is just bad form, and I hope they get prosecuted to the fullest extent of the law.

    • by Anonymous Coward on Saturday March 03, 2012 @05:46PM (#39234015)

      Picket Brick'N'Mortar store or DDOS OnlineStore.com... what speech is being halted? Either can still speak out (Press releases, backup location/sites, etc). The price is business lost, customers frustrated that shop elsewhere, bad press, etc

      You CAN stifle speech via DDOS, but to say it's the ONLY reason for doing it? that's a bit short sighted to say the least. Ignoring the forest for the tree you've focused on.

      • Re: (Score:3, Insightful)

        by xyzzyman (811669)
        If you picket Walmart, you aren't physically stopping others from shopping there as they normally would. If you DDOS Walmart.com, you are stopping people from shopping there.
      • The price is business lost, customers frustrated that shop elsewhere, bad press, etc

        So in other words, it is up to you to tell their customers where they are and are not allowed to shop? If not by kicking their customers out of their store, then by forcing them out of business simply because you disagree with them? That sounds a bit arrogant, and is certainly not in the spirit of freedom.

        When godaddy supported SOPA, they didn't deserve to be DDoS'ed (and as far as I am aware, they weren't) however their cus

    • by Anonymous Coward

      A DoS rarely suppresses speech. It usually draws attention to points of view given by both the DoS-er and the DoS-ee. The mainstream news reports covering DoS don't commonly ignore one side of the argument. Besides, anyone who gets DoS-ed can just get another website for $20/month a spout more nonsense. Your post sounds nice, but I think you miss the point.

      • by Dan541 (1032000)

        Besides, anyone who gets DoS-ed can just get another website for $20/month a spout more nonsense. Your post sounds nice, but I think you miss the point.

        Oh so if we disagree with you you'll be happy to pay $20?
        I think you're sprouting nonsense, please PayPal me $20 to Dan@danscomp.net

        Thank You,

    • by nstlgc (945418) on Saturday March 03, 2012 @05:48PM (#39234037)
      The only purpose of a DDoS is to prevent somebody from being able to speak? Seriously? As far as I can tell they serve mostly a symbolic meaning. DDoS'ing visa.com will not silence Visa. DDoS'ing the site of Interpol will do nothing that hinders the working of Interpol in any way. Or do you actually believe that shutting down the Vatican website will mute the Vatican? No, I didn't think so either. But it makes for a great strawman argument, doesn't it?

      Of course, DDoS *could* be used to silence someone who's only way of speaking out is through a narrow band on the Internet. And it probably is, too. But not in these cases.
      • If that isn't the purpose, then what is the purpose? You just don't like them and you want them gone? You just don't want them to be able to do business? Just because you don't want them to exist, means they don't have the right to?

        How is any of this in the spirit of democracy and freedom of expression?

      • by Raenex (947668)

        Of course, DDoS *could* be used to silence someone who's only way of speaking out is through a narrow band on the Internet. And it probably is, too. But not in these cases.

        So it's OK to shut down somebody's website if they can open up another one? This is terrible reasoning.

    • I always thought the purpose of a DDoS was to make them stop and scratch.

    • by travbrad (622986)

      I think it's pretty ridiculous to think DDoSing RIAA/MPAA is going to do anything anyway. Does anyone actually visit those sites?

      • by Dan541 (1032000)

        I would have thought DDoSing the mail server would cause more operational problems for most organisations. Although looking up a simple MX record is probably beyond the technical ability of your average anon.

    • by Dan541 (1032000)

      I totally agree with you. Anonymous is a censorship movement, free-speech means allowing people you disagree with to speak.

      It's also worth noting that Anonymous once vowed to destroy Facebook for privacy violations, yet Anonymous routinely leaks data private data of innocent people.

    • Isn't a DDos also a form of speech? It might just be screaming nonsense at someone, making it impossible for anyone to hear what that person is saying, but it's still speech.

  • HOW? (Score:2, Informative)

    by Iceykitsune (1059892)
    And this, people, is why you should only download software from the devs website.
  • It simply shows... (Score:2, Interesting)

    by wbr1 (2538558)
    That Anonymous does not have any moral ground to stand on. Sure they may fight the man, but they'll have no compunction about robbing you blind either. That's not Robin Hood its street punk gangsta with a computer.
    • Re: (Score:2, Interesting)

      by Anonymous Coward

      How exactly does this show 'Anonymous' has no moral high ground to stand on? There is no they. It isn't a group with a specific set of ideas or 'morals'. There is no leader. Participants come and go as they please and even contradict each other. Some may participate in attacks against the government while others participate in attacks in favour of the government. Some may reject attacks alltogether.

    • There's a difference between Hackers and Crackers...

      In Anonymous there's probably 4-5 hackers, and 20+ crackers, 1000+ script kiddies + 10.000 fanboys.

    • by sociocapitalist (2471722) on Saturday March 03, 2012 @06:39PM (#39234357)

      If I understood TFA correctly, the trojan was not distributed by Anonymous but by others who basically hijacked the distro, redirecting the wannabee DDOSers to another executable which contained the trojan.

    • That Anonymous does not have any moral ground to stand on.

      They have no moral high ground? Sounds like an opinion.

      In any case, considering their past actions, what makes this case special? If they have no moral high ground now, shouldn't someone have realized in the past that they didn't have it then? I think they should've realized such a thing sooner.

  • I have about as much sympathy for the people victimized by this scheme as I do for people that sign up for 419 scams where the come-on letter is clearly asking the recipient to engage in money laundering, theft, and blatant violations of tax and banking laws.

    If you install malicious software on your computer on purpose, I have ZERO sympathy for you when it turns out the software includes you in the list of victims.

  • I think Anonymous basically are 4 - 5 really skilled people that really knows what they're doing, the rest is just a bunch of posers and script-kiddies that does whatever Anonymous want them to do - in fact, the worst posers probably does exactly what anonymous doesn't want them to do as well, since there are no real connection between them, no real mail, no real addresses - just random causes that some follow or not.

    If there's an outrage in the world, it's very easy to make a distorted video, put on a guy

    • When I look about the hacks that happened so far, I can't really agree with this. I'm not going to say that they are not skilled, but what happened so far was more a matter of rather simple, standard injection attacks, similar to the attempts I find thousands a day in our IDS/IPS logs. Attacks that would have been found in a standard security audit, I might add.

      In a nutshell, what Anonymous hacked so far were companies whose disregard for security borders on stupidity. And I say stupidity because I don't kn

  • I was having a look at one annonymous IRC channel more than a month ago, and I saw a few guys asking for a link to the "LOIC without the trojan".
    I assume this is the same one they are talking about in this article; so this not relly new.

  • I find it quite ironic that Symantec, a company whose "antivirus" utilities allow the most virii into machines (both O/S and the antivirus software itself) and exhibits the most virus-like behavior when you try and remove it, is publishing the report.

    I've had quite a few associates with virii over the last 12 months and each and every one of them had either Symantec Internet Security, McAfee or MS Security that were supposedly defending their systems. Every case of infection required a complete O/S reinsta

    • by kyrio (1091003)
      I don't see how the inability to program a properly functioning piece of software has anything to do with the ability to write an article about how downloading software from random links will get you infected.
      • The OP said the report was from Symantec, I found it humorous and opined. Don't like it, don't read it.
        • by kyrio (1091003)
          No, it has nothing to do with that. You're trying to say that Symantec is unable to write a report about some event or fact because their software sucks at catching a virus.
  • I installed a virus on my computer! I didn't realize it would do something bad!

  • Spread links to "LOIC" downloads through Twitter, Facebook and random forums. Attain control of hundreds, if not thousands of computers. This is why you verify a clean source for your downloads, so you don't get infected by viruses. It's part of the Common Sense 2012 Anti-Virus Suite.
  • pwn3d.
  • ...works.

    It really does amaze me that humans ever managed to crawl out of the evolutionary cesspool. We spend far too much effort attempting to protect the stupid. We should let the universe do much more pruning of the dead wood. Here's your sign...
       

  • Once again Anonymous has proven it isn't about robbing the rich and giving to the poor. They're out to fuck anyone who will sip from their cocktail they left unattended. Those who were compromised: you deserved it, now learn from it.
  • The self-proclaimed "elite hackers" don't even know enough about system security to protect THEMSELVES. I absolutely LOVE it when the arrogant get taken down a notch through their own ineptitude.

    Mind you, these are the same people that are surprised when police and three-letter agencies come a-knockin' at their doors with charges in South America and elsewhere. I find it so amusing that "security experts" don't understand how easy it is for three-letter agencies with access to ISP resources to track an

I'm a Lisp variable -- bind me!

Working...