Have the Tables Turned? Anonymous Members Duped Into Downloading Virus That Steals Banking Information
Posted on March 7, 2012 at 7:48pm by Liz Klimas
According to the security firm Symantec, Anonymous members who participated in distributed denial-of-service (DDoS) attacks, which take down websites with a flood of traffic, may have accidentally ended up scamming themselves with a trojan that steals banking information and other personal details.
DDoS attacks are what Anonymous has used to take down the CIA, the American Israel Public Affairs Committee and some FTC websites to name a few in 2012 alone. Conducting an attack such as this, which crashes the target server by overloading it with traffic, requires participants to install a program that allows them to repeatedly target a website.
Symantec explains how the DDoS download called Slowloris included a strain of the Zeus trojan horse:
When the Trojanized Slowloris tool is downloaded and executed by an Anonymous supporter, a Zeus (also known as Zbot) botnet client is installed. After installation of the Zeus botnet client, the malware dropper attempts to conceal the infection by replacing itself with the real Slowloris DoS tool. Zeus is an advanced malware program that cannot be easily removed. The Zeus client is being actively used to record and send financial banking credentials and webmail credentials to the botnet operator. Additionally, the botnet is being used to force participation in DoS attacks against Web pages known to be targets of Anonymous hacktivism campaigns.

Here's how it works. (Image: Symantec)
According to Symantec, this infected DDoS download began being used on Jan. 20, the same day the FBI shut down the file-sharing site Megaupload.com and arrested its founder Kim Dotcom, much to Anonymous’ displeasure. In response to the shutdown, Anonymous hacked the Department of Justice, Recording Industry Association of America and Universal Music Group.
(Related: DOJ website downed after it closed file-sharing site: Anonymous takes credit)

How Anonymous was specifically targeted with this banking trojan. (Image: Symantec)
Symantec goes on to say that not only is participation in DDoS attacks on websites against the law, but those in the group involved in the attacks may now know what it’s like to have their own information stolen.
Anonymous often uses Twitter to announce the planning and completion of attacks. Word of this potential trojan spread over the micro-blogging site in the same way, but members of the hacking collective appeared divided on whether it was a legitimate threat to participants’ information:


With the arrest of a couple dozen Anonymous members in several countries last week and five members of the sect LulzSec being ratted out by their own ringleader this week, it may seem to some as if the hacktivist collective is being weakened. Yesterday, the Blaze reported Anonymous saying that the collective is not just one group but a movement with ideals that will remain strong. Gizmodo also reports that the group issued a response letter yesterday as part of its attack on Panda Security, which is said to have helped arrest the 25 members last week. The group addressed LulzSec’s former leader Sabu — or Hector Xavier Monsegur of New York, who worked as an informant for the FBI after he was caught — saying “We understand, but we were your family too. (Remember what you liked to say?)… It’s sad and we can’t imagine how it feels having to look at the mirror each morning and see there the guy who shopped their friends to police.”
[H/T Technorati]





















Comments (56)
capitalismrocks
Posted on March 8, 2012 at 8:21pm
This is EXACTLY what needs to be done, the IRC and other chat channels where these filth coordinate needs to be infiltrated and special purpose destructive trojans needs to be planted in place of their DDoS tools so that their MAC addresses, IP addresses and other specific information is sent to the NSA, FBI and CIA so that they can all be arrested and fully charged with their crimes against their targets and it’s time to take down these pieces of crap and make them pay heavily for their cyber terrorism…
Onowicit
Posted on March 8, 2012 at 10:00pm
Anonymousissys.
DAS_NIETZSCHEAN
Posted on March 8, 2012 at 7:38pm
you all might not know that:
china has a brigade just for computer hacking.
Linux is the hacker OS.
It is really easy to HAX with programs like feeding bottle and aircrack_ng on a platform like Back-track 5 R2..BT5
AND used well with a program like Metasploit you are not safe…… not even with MAC address filtering firewall on your network.
using an IP/MAC masking software you don’t know who I am when I log into your network.
I am studying CIS- network administration “securities”
if I can, so can your benevolent government.
Anadara
Posted on March 8, 2012 at 4:30pm
Every website at risk,
should have a Trojan like this,
a sweet honeypot with a nasty z-bot, that screws a machine by fdisk!
Onowicit
Posted on March 8, 2012 at 10:03pm
Oh Stop, I’m blushing.
2theADDLED
Posted on March 8, 2012 at 10:47pm
Graft it into those like buttons on every web page nowadays and it opens a port for them easy access brilliant strategy to gain access to any computer.
99oxymoron
Posted on March 8, 2012 at 1:53pm
Isn’t today the day the internet gets shut off?
Rightsofman
Posted on March 8, 2012 at 1:29pm
It’s good that I’m not that young because I don’t understand a word in the article. Are the bad guys getting screwed when they hack into computers by some sort of “back at you” program? Is that it?
Someone help please – and kindly keep it simple if you will.
99oxymoron
Posted on March 8, 2012 at 2:05pm
I think if you scroll down and read ICANCOMENT’s post he (or she) makes it very clear.., you see Zeus still lives in the cloud and uses heuristic healing to “one off” dumb binary users.
.., er something
Rowgue
Posted on March 8, 2012 at 2:14pm
No that’s not really what’s happening. First off nobody is hacking into anything.
The way this works is that the “bad guys” pick a target website of some organization they don’t like. They then solicit for volunteers willing to offer up their computers for use in the attack. These volunteer useful idiots are then directed to download the software that will actually facilitate the bad guy being able to use their computer in the attack. Contained within that software they are directed to download is also a trojan horse that is stealing their information and sending it back to the “bad guys”.
So essentially what’s happening is that the bad guys are duping morons into providing the resources they need to perpetrate the attacks. And at the same time they’re duping them into installing the virus on their computers that steals their financial information.
So it isn’t a “back at ya bad guys” type scenario. The actual attackers are the ones spreading the virus, they aren’t getting it. They’re screwing over the moronic middle men that they use.
Michael61
Posted on March 8, 2012 at 10:46am
China treats hackers as Informational Terrorists, so the punishment for hacking is firing squad. They also execute hackers publicly in the town square and translate it on TV.
I think that is one policy that we should copy from China. There is nothing more discouraging than hackers. They destroy the very foundation of our future where interconnected computers will be everywhere.
I have 40 years experience as a computer programmer. Yes, we wrote a few viruses (including the smallest in the world computer virus which was only 53 bytes) and hidden memory-resident programs, but it was only for hobby and was NEVER used to hack anybody (except our friends :-)
To hack some system, especially using hacking tools provided by others, is 10000 times easier than to protect against hacking.
rockmanlinux
Posted on March 8, 2012 at 11:53am
Wow, so if you steal you think someone should lose a hand? Cheat on your spouse get stoned to death?
I’d say go live in China. US isn’t built that way.
Michael61
Posted on March 8, 2012 at 12:15pm
Stealing an item or cheating on your wife doesn’t destroy the future of humankind.
Hacking does.
Compare it with stealing a horse from a cowboy. That crime was punishable by instant death, and it was worse than even killing a person. By stealing a horse (the only tool of transportation and earning), you would kill a person as well.
Michael61
Posted on March 8, 2012 at 12:25pm
Btw, behind those “useful idiots” hackers-wanna-be-s hide government agencies of Russia, China, Iran…
FYI.
The Open Source Software Foundation was funded by KGB (through third parties of course) to destroy the capitalist system.
Linus Torvalds? His father and his mother were both communists, no wonder he created Linux. Same with many others…
Bet $1000 against 1 penny that Anonymous are organized and supported by KGB (or whatever is the name now, FSB).
DAS_NIETZSCHEAN
Posted on March 8, 2012 at 7:57pm
yes, true….. programs … who want to hax. programs that make it easier to steal information and control the flow of it. To hack a network and steal some banking info is so easy to write your own code c++ in visual studio 2010. if you a college student and through the MSDNAA is free. OR use another program in linux called metas******.
and another one called feeding****** free up others secured WPA2-psk (with a dictionary of 36GB) then hit them with the reset and lock them out lol. yea the old school stuff is fun but this new stuff it totally evil. But, where does your ethics stand. what do you stand for? who is your “God”? for God or country/Government?
G-WHIZ
Posted on March 8, 2012 at 10:12am
Back in the mid-70’s, I went to a RadioShack to buy some floppies. They had been hacked by someone who “slipped-in” a floppy to their main-desk computer. The salesman (friend of mine) said that all-of-a-sudden a [pac-man-like] eater ate in rows from the top-screen to the bottom. This turned-out to be the indicator that the hard drive was being totally erased…even the operating system! When the drive was removed, they found it completely pristine, except for the virus-file, which they neutralized and removed for later knowledge. He said it was funny to see the “pacman” eating its way down the screen in rows…until he realized what was actually happening. Fortunately, the internet was not used by normal industry, much. My friend there said they only log on to a RadioShack-dedicated phone number when they wanted to get the latest prices, etc… They did not actually lose anything except a hard drive. Their “cash register” system was separate and when the new-one was installed, they would just dial the number and get their “lost” data in a few minutes. There was NO 24/7 connection to the rest of the world at that time.
MosesMcGurk
Posted on March 8, 2012 at 4:45pm
The first virus I encountered was with DOS 2.2 called the Jerusalem virus, the first clue was when the monochrome monitor displayed “This Computer is Stoned!” I laughed until I found out that virus had basically uninstalled DOS. The computer, up to that point was connecting to Compuserve but not after that!
kralspaces
Posted on March 8, 2012 at 9:49am
Anonymous ‘hunters’ will catch up with these guys eventually. So where does Anonymous get their money. You know, follow the money… and you will find the source.
SamIamTwo
Posted on March 8, 2012 at 9:24am
Like I said the other day, it is easy to catch DOS punks…
SamIamTwo
Posted on March 8, 2012 at 9:28am
You know they allowed their DOS sw to be DL about a year or so ago…just about anyone has access to it by now. Book em Danno!!
Locked
Posted on March 8, 2012 at 9:30am
Easy to catch the ones with a little bit of knowledge. Tougher to catch the ones with a lot. Those who can cover their tracks are practically invisible. Luckily (or not?), there are a lot more who only know a little.
Formula382
Posted on March 8, 2012 at 7:31am
Hope these dudes like to switch hit because it will make prison a little easier on their behinds. As for their “members”, good they deserve what they get!
Their 15 minutes of fame will come to an end soon, and when it does we’ll all be the ones laughing.
IMAWAKENOW
Posted on March 8, 2012 at 3:40am
I spent most of my life before computers or the web. These fools can keep disrupting until we go back to good ol paper and pen. Then they will be stuck in the basement with comic books again. Bring on the collapse, see who blinks first.
4xeverything
Posted on March 8, 2012 at 7:20am
I’m 33 and I’m right there with you. There will be no love lost for the age of computers with me when it all comes tumbling down. The only reason I have one is so I can teach my children how to use them. I would prefer not to, but then I’m limiting their futures to being qualified for maybe a half a dozen jobs, and truthfully I can’t think of one job anymore that doesn’t involve having to have at least some sort of rudimentary knowledge of computers.
KevINtampa
Posted on March 8, 2012 at 2:14am
This is a DHS mission.
Now that they’ve stolen their banking information, they know EXACTLY who is using the tool.
Better hope one of these 1@cker$ didn’t use your banking information, because if so, don’t be surprised from the visit from the men in black that will be forthcoming.
There’s a boat ton of disinformation campaigns lately…
Hmmm…
ICanComment
Posted on March 8, 2012 at 7:42am
I highly doubt it was DHS. Read up on Zeus. It’s not just a Trojan – it’s a professional tool. The criminal pays ~$7000 for a Zeus kit. The kit lets the criminal compile a custom, one off version of the Trojan.
Interesting things about Zeus:
1. Eludes traditional antivirus heuristics because each compilation is a “one off” customized for the criminal.
2. Each version of Zeus targets only specific websites of the criminal’s choosing. These are typically banking websites, but there’s no limit.
3. Zeus not only logs keystrokes at a specific time, it also takes screenshots of PIN numbers being entered.
4. It uses a database of the criminal’s choosing in the “cloud” to store stolen credentials
5. To my knowledge, Zeus still only runs on Windows targets. I haven’t researched it in a while, but I doubt this has changed.
The list goes on… My point is that this is a professional tool of criminals. While it might serve some DHS objectives, it would be a seriously low tactic. My guess is that someone out there was simply opportunistic and posted Zeus in the LOIC binary for anyone dumb enough to install it. Real members of Anonymous don’t use Windows, since most of the good tools of the trade are available on Linux. To me, this was just someone taking advantage of Anonymous “fan boys” who were dumb enough to “volunteer” to be a DDoS zombie. Usually DDoS attacks are executed with a network of stolen Windows PCs, unbeknownst to their owners.
2theADDLED
Posted on March 8, 2012 at 10:55pm
Graft it into that like button on every web page and it opens a port for them easy access brilliant strategy to gain access to any computer.
SILLYXTIANSMYTHSAREFORKIDS
Posted on March 8, 2012 at 1:11am
You people don’t understand that Hackers run into these problems all the time…all they do is learn from it & make sure they’re protected from it the next time.
They’ll write counter programs that will defend against it & even counter attack the program itself.
These people LOVE a challenge, it’s FUN for them.
You think they’re just some fat 30+ year olds living in their mommy’s basement.
What you’ll learn is that most hackers work with computers for a living, such as computer programmers & software engineers.
They do “Hacking” as entertainment & a hobby.
They’re already writing new programs as I type this…mark my words.
They LOVE this! & they will not stop…guaranteed.
I have dealt with enough of them to know.
Especially because they see you people as DELUSIONAL DETRIMENTAL DISEASES who only harm society with your Dark Age Archaic beliefs & superstitions.
I for one have to agree with them.
Why is it perfectly sane to believe in a “God” that came AFTER Zeus, Odin, Osiris, Isis, & Thor?
These others “Gods” have been laughed off as childish stories, yet you hold onto your little childish story as “FACT” though it has the EXACT SAME EVIDENCE as these other childish myths.
It’s 2012…time to grow up. After all it will soon be the “Age of Enlightenment”.
HumbleMan
Posted on March 8, 2012 at 5:44am
Troll
FlatFoot
Posted on March 8, 2012 at 5:52am
You took the time to type out all that apologist garbage you’re spewing but you didn’t take any time to learn that the so-called leader of the Anonymous ‘cell’ that was recently arrested, Hector Xavier Monsegur, is fat, about 30-yrs old, living in Section 8 HUD projects, and subsisting on welfare and food stamps. The only part you did get right is that he does not live in his mother’s basement.
The rest of your diatribe was little more than the deranged ravings of a reprobate.
Go figure.
Bargis Tryhol
Posted on March 8, 2012 at 6:08am
screw off fool
Obama_Sham
Posted on March 8, 2012 at 6:51am
@SILLYXTIANSMYTHSAREFORKIDS
“It’s 2012…time to grow up. After all it will soon be the “Age of Enlightenment”.”
Let’s see… You post misinformation about the hacking kiddie group and then you post misinformation about religion… You take all of that misinformation and sum it up with your personal anti-religion slant and then tell others “time to grow up”…
You were joking right?!? Surely, you were not being serious…
CryptoCop
Posted on March 8, 2012 at 8:38am
Nice try, junior, but there are six of these clowns sitting behind bars as we speak. They’ll be fingering something soon, alright, but it won’t be a mouse, and it won’t be fun.
Kerstile
Posted on March 8, 2012 at 9:48am
Thanks for the perfect example of what we are dealing with, sillywhatever. Anonymous is a part of each one of us. Some resist its murmurs. Some do not. Sillyposterboy, it will destroy you. Perhaps not today, tomorrow or next decade, but it will mutilate you. That is what the power behind “Anonymous” does, while laughing at you. Hear it? I can, because I was once JUST. LIKE. YOU. It nearly killed me and I do not lie like it does.
mr.goodvibe
Posted on March 8, 2012 at 10:58pm
The root of all those myths come from one source. Do some reading and see where it all comes from. When you think you know everything you will never learn anything else. Science is continually proving the creation stories but you will have to do your own research to learn the truth. Good luck.
Rockyspoon
Posted on March 8, 2012 at 1:10am
Reminds me of what my son, who is in the Air Force Reserves, had to say about some rednecks down South that wanted to cause some serious trouble at an Air Force Base. Apparently half a dozen guys thought it would be fun to shoot at the base in the middle of the night. However, sharpshooters would evaluate the muzzle blasts, fire a few rounds in return, then go pick up the corpses.
A real-life example of what Anonymous is starting to contend with. I wouldn’t want to be them.
IMAWAKENOW
Posted on March 8, 2012 at 3:45am
What do they say, we never forget never forgive. Sounds like sound advice when they catch them.
kapnkd
Posted on March 8, 2012 at 12:03am
“Komputer Karma” …Gotta luv it!!!
pavepaws
Posted on March 8, 2012 at 12:16am
And this personal information about the hackers is being sent to what government agency?
Mark0331
Posted on March 7, 2012 at 11:40pm
Were they so arrogant to think they could continue with their childish games and not get attacked back? Silly rabbits, you’re not the smartest ones in the room.
SILLYXTIANSMYTHSAREFORKIDS
Posted on March 8, 2012 at 12:51am
LOL, you “THINK” that actually did anything?
These hackers write programs more sophisticated & more complex…I’m sure they have already laughed it off.
The attacks will continue, & now that they’ve been pissed off…I’m sure it’ll be worse.
Can’t stir up a hornets’ nest & not expect to get stung..HARD!
Obama_Sham
Posted on March 8, 2012 at 6:55am
@Silly
You speak as if the Anonymous script kiddies are the world’s greatest computer minds… They are doing denial of service attacks… That is not exactly rocket science and has been around for a long, long time…
Kerstile
Posted on March 8, 2012 at 10:30am
@sillywhatever, do you not understand the Universe? Yin and yang? “Anonymous” may be a hornet’s nest, but so are who they attack a “hornet’s nest”. Good/evil. Up/down. Inside/outside. Matter/antimatter. Nothing can exist without an opposite. All that will happen if “Anonymous” prevails (and that will be quite temporary) is a return to Chaos. THAT, is in no one’s best interest.
Michael61
Posted on March 8, 2012 at 11:16am
@Kerstile. Are you sure that you are not me? Great minds think alike.
Chaos, btw, will quickly organize into order. Actually, there is some order in that hackers’ chaos already. China, Russia, Iran government-sponsored hackers are behind those Anonymous “useful idiots”… Plus, like you mentioned, there is always a certain dark figure behind them…
“Anonymous… We are Legion…” Hmm, have we heard that before?
mr.goodvibe
Posted on March 8, 2012 at 10:59pm
Good by them being legion I hope they are cast in to pigs and run to the local BBQ joint..
keepdad
Posted on March 7, 2012 at 11:40pm
“We understand, but we were your family too. (Remember what you liked to say?)… It’s sad and we can’t imagine how it feels having to look at the mirror each morning and see there the guy who shopped their friends to police.”
Don’t despair, this is what criminals do when they are caught.
Jenny Lind
Posted on March 7, 2012 at 11:38pm
Wow! It’s nice to know they are getting some of their own back-it’s called Karma.
2theADDLED
Posted on March 7, 2012 at 11:36pm
Why would the FBI be spying on the FBI is there a conspiracy in this administration that some agents believe in the oath they took.
Rowgue
Posted on March 7, 2012 at 11:03pm
Nothing has changed, no tables have turned. They are still the same bunch of hapless losers without a clue they’ve always been. Once again they are not a group of hackers. The dumb ass denial of service attacks they do are the internet equivalent of flash mobs. They accomplish nothing except to display their stupidity and utter lack of ability to do anything more significant than putting a flaming bag of excrement on a doorstep and ringing the doorbell.
What they do is the real world equivalent of threatening somebody that if they don’t do what you want you’re going to get a thousand people to come stand around and make a nuisance of themselves for an hour or two.
Rush Limborg
Posted on March 7, 2012 at 10:53pm
Poetic justice. Let’s hope the FBI and CIA are taking notes. How to beat Anonymous: create a “domesticated” worm to bite them back where it hurts.
right-wing-waco
Posted on March 7, 2012 at 10:53pm
Jail them for 500 years.
Rush Limborg
Posted on March 7, 2012 at 10:51pm
Poetic justice! Let’s hope the FBI (not Holder, the REAL FBI) and the CIA are taking notes. In time, God willing, they’ll come up with a “worm” counter-weapon–if Anonymous tries to hack someone, a “domesticated” virus bites them where it hurts!
AmericanBorn
Posted on March 7, 2012 at 10:44pm
… eating their own. It was bound to happen.
Exrepublisheep
Posted on March 7, 2012 at 10:19pm
Good for them.