As per reports by Symantec, Anonymous suporters were deceived into downloading a Zeus Trojan. In 2011, Anonymous hackers released few Dos tools to its supporters. In these DDoS attacks, supporters using the Low Orbit Ion Cannon denial-of-service (DoS) tool would voluntarily include their computer in a botnet for attacks in support of Anonymous. In the wake Anonymous member arrests this week, it is worth highlighting how Anonymous supporters have been deceived into installing Zeus botnet clients purportedly for the purpose of DoS attacks. The trojan gave up their banking details and other personal information.

The attacker copied the original pastebin post and created a replica of the same post but gave a new download link which had a link that contained Trojanized version of the Slowloris tool.
This Anonymous DoS tool on PasteBin has become quite popular among the Anonymous movement with more than 26,000 views and 400 tweets referring to the post. The following is a timeline of the tweets with related hacktivism causes highlighted:
When the Trojanized Slowloris tool is downloaded and executed by an Anonymous supporter, a Zeus (also known as Zbot) botnet client is installed. After installation of the Zeus botnet client, the malware dropper attempts to conceal the infection by replacing itself with the real Slowloris DoS tool. Zeus is an advanced malware program that cannot be easily removed. The Zeus client is being actively used to record and send financial banking credentials and webmail credentials to the botnet operator. Additionally, the botnet is being used to force participation in DoS attacks against Web pages known to be targets of Anonymous hacktivism campaigns.
Source/Image Credits: symantec