Hackers play Asteroids on US government websites

by Graham Cluley on January 28, 2013 | 1 Comment

Filed Under: Featured, Law & order, Vulnerability

Asteroids gameHackers - operating under the flag of the Anonymous movement - have hacked various US government websites in a continuing protest over the treatment of Aaron Swartz, the internet activist who commited suicide earlier this month.

And what have the hackers done with their unauthorised access to the websites? They've embedded a secret Asteroids game.

Swartz, you will remember, was facing trial on charges that he used MIT's network to grab millions of articles from the non-for-profit academic journal archive JSTOR, with the aim of republishing them without restriction.

Anonymous hacktivists have threatened to leak sensitive government information in protest over Swartz's death, but while the world is waiting to see if they do publish confidential stolen US government data their Asteroids antics are getting more attention.

The first website to reportedly fall to the Asteroids hack in "Operation Last Resort" was the US Sentencing Commission, the body which establishes sentencing policies for federal courts.

That site was cleaned up over the weekend, but at the time of writing the website belonging to the Eastern District of Michigan's United States Probation Office has been found to also be carrying the Asteroids payload.

A game of Nyan-cat flavoured Asteroids will begin if you enter the following "Konami code": ↑ ↑ ↓ ↓ ← → ← → (up up, down down, left right, left right on the cursor keys) then press "B", "A" and "Enter".

First of all you'll see a message..

Message pops-up on US government website

.. and then the Asteroids game begins, the website slowly disintegrating as you shoot it up with your lasers:

Asteroids game reveals image of Aaron Swartz

To have one website fall foul of Asteroid-loving hackers may be regarded as a misfortune; but to have two looks like carelessness.

Asteroids code embedded in website

If you run a website make sure you are doing everything to keep it as secure as possible - for both your company's sake, and that of your users. If you haven't already done so, read this informative paper by SophosLabs, "Securing websites", which covers some of the issues.

Tags: , , , , , , , ,

One Response to Hackers play Asteroids on US government websites

  1. @NoBigGovDuh says:
    January 29, 2013 at 12:26 am

    Is the code added to the page available elsewhere?

    Reply Report comment

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title="" rel=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <pre> <q cite=""> <strike> <strong>

About the author

Graham Cluley has worked in the computer security industry for more than 20 years, developing anti-virus software and doing quite a lot of talking about internet threats. He's won awards for his blogging, but is proudest of the text adventure games he wrote when he was still wearing short trousers. You can learn more about those (the games, not the trousers) at grahamcluley.com. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.