Hacker thieves targeted Anonymous allies: Symantec

March 5th, 2012 in Technology / Internet
A masked hacker, part of the Anonymous group, is pictured in Lyon, France, in January 2012. Anonymous on Monday gave mixed reactions to a US computer security firm's report that backers of the notorious hacker group were suckered into downloading software that steals online banking information.


A masked hacker, part of the Anonymous group, is pictured in Lyon, France, in January 2012. Anonymous on Monday gave mixed reactions to a US computer security firm's report that backers of the notorious hacker group were suckered into downloading software that steals online banking information.

Anonymous on Monday gave mixed reactions to a US computer security firm's report that backers of the notorious hacker group were suckered into downloading software that steals online banking information.

A message at a Twitter account for YourAnonNews blasted Symantec's findings as "wrong and libelous" while "" from other accounts claiming to be voices from the loosely knit group alerted people to the danger.

Symantec, which is among the long list of victims of Anonymous attacks, reported that someone replaced a software tool available for download by Anonymous allies with code that also steals bank account data.

The Anonymous ally software is a small program that lets computers join an army of machines that hit websites with simultaneous requests for information or service in what are referred to as distributed-denial-of-service attacks (DDoS).

A pastebin.com link that Anonymous supporters were referred to for the DDoS tool was replaced with a link to a deceptively similar Zeus virus that also steals online banking password and account information, according to Symantec.

"The Zeus client does perform DoS attacks, but it doesn't stop there," Symantec said in a blog post. "It also steals the users' online banking credentials, webmail credentials, and cookies."

"Not only will supporters be breaking the law by participating in (denial-of-service) attacks on Anonymous hacktivism targets, but may also be at risk of having their online banking and email credentials stolen," Symantec added.

The Anonymous tool was replaced with the duplicitous download on January 20, the day US authorities shut down file-sharing website in a move condemned by the , according to Symantec.

(c) 2012 AFP

"Hacker thieves targeted Anonymous allies: Symantec." March 5th, 2012. http://phys.org/news/2012-03-hacker-thieves-anonymous-allies-symantec.html