Hackers play Asteroids on US government websites

Filed Under: Featured, Law & order, Vulnerability

Asteroids gameHackers - operating under the flag of the Anonymous movement - have hacked various US government websites in a continuing protest over the treatment of Aaron Swartz, the internet activist who commited suicide earlier this month.

And what have the hackers done with their unauthorised access to the websites? They've embedded a secret Asteroids game.

Swartz, you will remember, was facing trial on charges that he used MIT's network to grab millions of articles from the non-for-profit academic journal archive JSTOR, with the aim of republishing them without restriction.

Anonymous hacktivists have threatened to leak sensitive government information in protest over Swartz's death, but while the world is waiting to see if they do publish confidential stolen US government data their Asteroids antics are getting more attention.

The first website to reportedly fall to the Asteroids hack in "Operation Last Resort" was the US Sentencing Commission, the body which establishes sentencing policies for federal courts.

That site was cleaned up over the weekend, but at the time of writing the website belonging to the Eastern District of Michigan's United States Probation Office has been found to also be carrying the Asteroids payload.

A game of Nyan-cat flavoured Asteroids will begin if you enter the following "Konami code": ↑ ↑ ↓ ↓ ← → ← → (up up, down down, left right, left right on the cursor keys) then press "B", "A" and "Enter".

First of all you'll see a message..

Message pops-up on US government website

.. and then the Asteroids game begins, the website slowly disintegrating as you shoot it up with your lasers:

Asteroids game reveals image of Aaron Swartz

To have one website fall foul of Asteroid-loving hackers may be regarded as a misfortune; but to have two looks like carelessness.

Asteroids code embedded in website

If you run a website make sure you are doing everything to keep it as secure as possible - for both your company's sake, and that of your users. If you haven't already done so, read this informative paper by SophosLabs, "Securing websites", which covers some of the issues.

, , , , , , , ,

You might like

One Response to Hackers play Asteroids on US government websites

  1. Is the code added to the page available elsewhere?

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Graham Cluley runs his own award-winning computer security blog, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.