'Anonymous OS' turns out to be intelligence test, not preconfigured hacker tool

Yeah, your first instinct was right. It was a trap loaded with Trojans. Format c:\

Here's a tip for how to safely use the operating system various media outlets have reported was released this week by the hacktivist collective Anonymous: Don't.

"#Protip - Don't use Anonymous OS, we don't know anything about it and can't vouch for it." --@YourAnonNews, 11 a.m., 15 March, 2012.

Reported originally as having been released by members of Anonymous, the OS is based on the Ubuntu 11.10 distribution of Linux and the MATE user interface found in Linux Mint. It contains a raft of tools for sniffing out the security of web sites, launching denial-of-service attacks and SQL injections, and cracking passwords, along with Anonymous' own Low Orbit Ion Cannon DDoS tool.

It was distributed with a note asking those who try it not to use it to take down web sites. It was distributed for "education purposes to checking the security of web pages," according to its authors.

It's also completely fake, infected with the Zeus Trojan horse, which is tenaciously effective at stealing banking passwords and financial information from both end users and the banks themselves.

Anonymous itself denounced the OS almost as soon as announcements and download links for it hit the 'net.

"The Anon OS is fake it is wrapped in Trojans," tweeted the usually reliable AnonOps account on Twitter.

Sophos Security's Graham Cluley reported that more than 20,000 people had downloaded the highly suspicious AnonymousOS, but couldn't identify any reason they would trust it.

It's possible the poisoned OS is an attempt by an unusually geeky and sly law enforcement agency to foist a bit of software on the Anonymi that would secretly identify them to the cops, as Cluley suggested as a remote possibility.

It's more likely the work of a troll or Anonymous-hating hacker using the name Anonymous to spread a profitable Trojan and besmirch Anonymous' reputation among hackers at the same time.

As Symantec points out, the trap in AnonymousOS is similar to the one in Low Orbit Ion Cannon software downloads in February, which were also seeded with Zeus Trojans and other malware, apparently to catch members and friends of Anonymous with their guards down as they flocked to help retaliate for the FBI raid that took down MegaUpload.

Whatever the source or the motivation, an operating system or other package of software labeled with the name of a notorious hacker organization, distributed far more openly than most Anonymous tools, is not likely to be a solid addition to anyone's lineup of useful software.

It's especially unattractive if Anonymous itself denies any knowledge of it and warns others to avoid it specifically to limit the chance of a major Zeus epidemic for which members of Anonymous will be blamed.

It's just stupid to download or use the thing when security companies and Twitterers unfriendly to Anonymous are not only pointing out the irony, but cackling about the tragedy of Anonymous wannabes falling so easily for social-engineering hacks.

That should all be obvious to anyone who can spell their own username or surf to more than one web site without getting lost.

Seeing more than 20,000 people download and install such an obvious trap isn't so much shocking as it is disappointing. I prefer to have a much higher opinion of most people than that. Too bad they don't help me keep it.

In case you're still wondering about when and whether to download the Anonymous OS, LOIC or any other "Anonymous software," just don't.

Take a ProTip from Anonymous, and stay away from things that do their best to trip all your alarms, rather than letting them pique your curiosity.

Read more of Kevin Fogarty's CoreIT blog and follow the latest IT news at ITworld. Follow Kevin on Twitter at @KevinFogarty. For the latest IT news, analysis and how-tos, follow ITworld on Twitter and Facebook.
