Symantec has seized on an alleged scam in which supporters of the Anonymous hacktivists may have been "tricked" into infecting their own machines with the Zeus trojan.
The security firm said it had tracked a change in a pastebin entry that instructed internet users on how to participate in a denial-of-service attack in the wake of the Megaupload raids.
A download link to the denial-of-service tool was replaced with a "trojanised" version that stole usernames, passwords, banking credentials and cookies, Symantec said.
"Not only will supporters be breaking the law by participating in DoS attacks on Anonymous hacktivism targets, but may also be at risk of having their online banking and email credentials stolen," the firm said.
"The joining of malicious financial and identity fraud malware, Anonymous hacktivism objectives, and Anonymous supporter deception is a dangerous development for the online world."
Symantec did not release any data on apparent rates of infection, but noted the guide that features the malware-embedded link had been retweeted several hundred times in response to various causes taken up by Anonymous.
Copyright © iTnews.com.au . All rights reserved.
Processing registration... Please wait.
This process can take up to a minute to complete.
A confirmation email has been sent to your email address - SUPPLIED GOES EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @itnews.com.au to your white-listed senders.