Hackers – operating under the flag of the Anonymous movement – have hacked various US government websites in a continuing protest over the treatment of Aaron Swartz, the internet activist who commited suicide earlier this month.
And what have the hackers done with their unauthorised access to the websites? They’ve embedded a secret Asteroids game.
Swartz, you will remember, was facing trial on charges that he used MIT’s network to grab millions of articles from the non-for-profit academic journal archive JSTOR, with the aim of republishing them without restriction.
Anonymous hacktivists have threatened to leak sensitive government information in protest over Swartz’s death, but while the world is waiting to see if they do publish confidential stolen US government data their Asteroids antics are getting more attention.
The first website to reportedly fall to the Asteroids hack in “Operation Last Resort” was the US Sentencing Commission, the body which establishes sentencing policies for federal courts.
That site was cleaned up over the weekend, but at the time of writing the website belonging to the Eastern District of Michigan’s United States Probation Office has been found to also be carrying the Asteroids payload.
A game of Nyan-cat flavoured Asteroids will begin if you enter the following “Konami code”: ↑ ↑ ↓ ↓ ← → ← → (up up, down down, left right, left right on the cursor keys) then press “B”, “A” and “Enter”.
First of all you’ll see a message..
.. and then the Asteroids game begins, the website slowly disintegrating as you shoot it up with your lasers:
To have one website fall foul of Asteroid-loving hackers may be regarded as a misfortune; but to have two looks like carelessness.
If you run a website make sure you are doing everything to keep it as secure as possible – for both your company’s sake, and that of your users. If you haven’t already done so, read this informative paper by SophosLabs, “Securing websites”, which covers some of the issues.
One comment on “Hackers play Asteroids on US government websites”
Is the code added to the page available elsewhere?