Anonymous Supporters Tricked Into Downloading Trojan
The anti-virus company Symantec has a detailed report on how members of the loosely affiliated hacker group Anonymous, known for attacking everyone from child porn distributors to the FBI, may have been tricked into downloading a trojan that steals online banking credentials, webmail credentials, and web browser cookies.
Anonymous uses a number of Twitter accounts to encourage "members" to act against a target. These Twitter postings will encourage group members to attack a specific target and will sometimes offer instructions and links to software to facilitate the attack. The site Pastebin is then used to distribute the software and other messages. One common attack is called the "distributed denial of service" (ddos) attack, where multiple people use a tool to submit thousands of requests to a web site, making it unavailable to web-surfers.
On January 21, the day after the MegaUpload raid, a commonly used ddos tool, Slowloris, was hacked and posted to Pastebin. Numerous Tweets include a link to the hacked tool, with the account @yourAnonNews picking up the link and sending it out to 500,000 followers.
The article doesn't share any theories as to who might be behind the hack, but this underscores the risks involved with operating a loosely affiliated group; it is hard for participants to know who to trust, and other can call participants to action, such as attacking Facebook, without any real affiliation to the group.