MSNBC: According to security vendor Symantec, people who thought they were helping the hacker group Anonymous may themselves have become the victim of hack attacks. Following the take-down of the site Megaupload, Anonymous launched a series of DDoS attacks against the U.S. Department of Justice, the FBI, Universal Music Group, the Recording Industry Association of America, and other organizations. In order to facilitate those attacks, Anonymous posted a group of tools which supporters could use to take part in the attacks. However, one of those tools, known as Slowloris, had been modified to include the Zeus Trojan, which steals login credentials from users’ machines.
Symantec warned would-be Anonymous members: “Not only will supporters be breaking the law by participating in DoS attacks on Anonymous hacktivism targets, but may also be at risk of having their online banking and email credentials stolen.”