For anyone not familiar with the term, a "Hacktivist" is a new-age activist that uses computer hacking skills and tools to infiltrate or disrupt websites, usually owned by banks, government, and large-scale corporations. These individuals often form groups that coordinate activities like DDoS (distributed-denial of service) attacks, which cause websites to go offline. Knocking sites offline causes financial strain and hardship on the companies, which have to implement aggressive defense plans in order to keep their websites available to the public.
Well now the targeters have become targets themselves. Anonymous seems to always be gaining new members and has been helping these newcomers to join in on attacks by providing instructions on how to download and install tools such as the "Low Orbit Ion Canon", used in massive coordinated DDoS attacks. These tools, however, have now become a sneaky way for Fraudsters (criminal or others with malicious intent) to steal information and money from hopeful activists and innocent users. The Symantec Security Response blog is reporting that supporters of the Anonymous cause are being fleeced into downloading one such program that is presumed to assist in DDoS attacks on targeted companies. While this program, named the "Zeus" client, does in fact help with DDoS assaults, it is also laced with a banking style Trojan. This Trojan botnet secretly steals the user's information and can steal email credentials, banking information, passwords, and cookies stored on the victims computer.
Symantec is reporting that these types of strategically placed malware may have started being posted as online bait around January 20, 2012. Symantec stated that "An attacker took a popular PasteBin guide, used by Anonymous members for downloading and using the DDoS tool Slowloris, and modified it." Quite a few individuals fell for the sly attack and it's reported that by February 15, 2012, more than 400 tweets were pointing towards the virulent link.
To make matters worse, the Zeus client is purported to not only steal sensitive information but will also covertly turn an infected PC into a botnet node. This not only makes the Zeus program dangerous to Anonymous supporters, but also to innocent users who may get caught up in the firestorm.
Many individuals, including Symantec, have displayed curiosity as to why these tools still carry out attacks on Anonymous targets, on top of stealing information. One reason may be an additional "cover" to aid Fraudsters in secretly obtaining info from the tools users. If these programs act and function as outlined by Anonymous than users have no reason to question their validity. Hacktivism is a rapidly growing trend as Internet communications and organized online retaliation continues to grow in popularity. Unfortunately, it seems that fraud and malicious intent are rising at around the same rate.
