UPDATED 07:44 EDT / MARCH 05 2012

Anonymous vs. Zeus: an Attack on Hackers

When you hear the word “Anonymous,” what comes to your mind? The movie about the “real story” behind William Shakespeare? A group of hackers? Or do you think of them as hacktivists? People have different perceptions about Anonymous the group, but would you ever think of Anonymous as a victim?

In a recent post, security specialist Symantec stated that some Anonymous supporters, in their hopes of supporting and participating in denial-of-service (DoS) attacks, have unknowingly downloaded Zeus, a Trojan horse that attempts to steal confidential information from the compromised computer. It may also download configuration files and updates from the Internet.

Apparently, a different group of hackers, let's call them Z-hackers, modified a popular PasteBin guide used by Anonymous members for downloading and using the DoS tool Slowloris. The Z-hackers changed the download link to a Trojanized version of the Slowloris tool. The attack on Anonymous happened the day Megaupload was raided by the FBI. On the same day, Anonymous posted their own DoS guide on PasteBin, but it also included the Trojanized tool.

When an Anonymous supporter downloads and executes the Trojanized Slowloris tool, a Zeus (also known as Zbot) botnet client is installed. The malware dropper then attempts to conceal the infection by replacing itself with the real Slowloris DoS tool.

“Zeus is an advanced malware program that cannot be easily removed,” said the Symantec post.  “The Zeus client is being actively used to record and send financial banking credentials and webmail credentials to the botnet operator. Additionally, the botnet is being used to force participation in DoS attacks against Web pages known to be targets of Anonymous hacktivism campaigns.”

“Not only will supporters be breaking the law by participating in DoS attacks on Anonymous hacktivism targets, but may also be at risk of having their online banking and email credentials stolen. The joining of malicious financial and identity fraud malware, Anonymous hacktivism objectives, and Anonymous supporter deception is a dangerous development for the online world. We will continue to watch for new developments,” Symantec added.

It’s the latest in a string of confusing developments in technology’s security landscape, where an air of lawlessness still presides.  The Zeus attack is yet another reminder for consumers to be vigilant in their own device protection, changing passwords regularly and maintaining software on their devices.

