SURPRISE: “Anonymous” members tricked into giving up bank details.

Anonymous uses tools such as the Low Orbit Ion Cannon or Slowloris to perform distributed denial-of-service (DDoS) attacks against its targets, with sympathetic Anons downloading the software to become part of a voluntary botnet.

In January the group decided to hit the websites of the US Department of Justice and various media companies in response to the takedown of file storage site Megaupload, providing a guide on Pastebin for those who wished to take part in the attacks. Symantec says that an attacker appears to have copied that guide and inserted their own version of the Slowloris software containing a secret Trojan that downloaded a copy of Zeus, a piece of malware often used to take control of an infected computer.

Computers infected with the malware still took part in the Anonymous DDoS attacks, but were also secretly sending online bank account and webmail logins back to the attacker. Anonymous members have tweeted links to to this fake guide nearly 500 times, referring to it as “Tools of the DDos trade” and “Idiot’s Guide to Be Anonymous.”

What kind of idiot downloads software from hackers to the same computer that he/she uses for online banking? First rate.