Anonymous Operating System Released -- But Is It a Trap?
A screenshot of the Anonymous OS installation screen.
Updated at 4 p.m. ET March 15.
Members of the hacktivist group Anonymous have created and released their own desktop operating system, but there's doubt within the security community — and among Anonymous itself — about its legitimacy.
Released yesterday (March 13) and posted for download on a Tumblr blog, Anonymous-OS is a variant of Ubuntu Linux pre-loaded with several hacking tools allowing users to mask their online identity while cracking passwords, analyzing network protocols and launching their own denial-of-service attacks.
These tools include Slowloris and PyLoris (for DoS attacks), Tor (for IP address anonymizing) and the password cracker John the Ripper. It's not yet installable on PCs, but you can boot Anonymous-OS from a LiveCD (where the OS lives on the CD) or a LiveUSB (where the OS is on a flash drive).
According to the Anonymous-OS Tumblr blog, the new operating system was "created for educational purposes to checking [sic] the security of Web pages."
But despite its outward appearance — the OS bears the Anonymous-adopted "V for Vendetta" Guy Fawkes mask, Anonymous logos and the "We are Anonymous, We are Legion" slogan — the "real" hacktivist group may not have a hand in it.
"It is unclear whether any link exists between the group and those behind the new operating system," Paul Roberts from the security firm Kaspersky Lab wrote.
It's possible, Roberts suggests, that the notorious hacking collective "inspired" Anonymous-OS, but didn't actually create it.
A tweet from the @YourAnonNews Twitter feed seems to substantiate that claim: "Seeing lots of tweets about purported 'Anonymous OS' released earlier. BE CAREFUL! Remember the Zeus Trojan incident w/Slowloris recently!"
"The Anon OS is fake it is wrapped in trojans," wrote the @AnonOps Twitter feed.
The "incident" occurred in January, when a version of Slowloris rigged with the Zeus Trojan appeared in a list of Anonymous-approved attack tools, and supporters trying to download the denial-of-service attack tool instead infected their systems with the dangerous financial malware.
In a posting in broken English on the Anonymous-OS blog early today (March 15), the creators of the OS defended it against such accusations.
"Please people," read the posting, "in our world, in Linux and opensource world, there is not virus. If any user believe that Anonymous-OS 'is wrapped in trojans' or 'backdoored OS by any Law enforcement Company or Hacker' please don’t download it! But don't mislead the world that Linux is dangerous and has trojans!"
As of this morning, Anonymous-OS had been downloaded more than 26,000 times from the open-source software repository Sourceforge.net.
UPDATE: As of Thursday afternoon, March 15, Sourceforge has pulled Anonymous-OS from its download repositories.
"Various security experts have had a chance to take a look at what's really in this distribution, and verify that it is indeed a security risk, and not merely a distribution of security-related utilities, as the project page implies," reads a posting on the Sourceforge blog.
"This project isn't transparent with regard to what's in it," the posting continues. "It is critical that security-related software be completely open to peer review (i.e., by providing source code), so that risks may be assessed along with benefits. That is not available in this case, and the result is that people are taking a substantial risk in downloading and installing this distribution.
"We have therefore decided to take this download offline and suspend this project until we have more information that might lead us to think differently. We'll be in touch with the project admin, and let you know if and when we find out anything to the contrary, but for now, that's what we're doing."
Anonymous OS is still available through a BitTorrent link from the Anonymous-OS Tumblr blog.