Anonymous-OS: an OS for Anons

A group working under the Anonymous banner has released Anonymous-OS, a derivative of the Ubuntu GNU/Linux distribution optimized for doing Anonymous-style stuff, with a bunch of "security testing" tools included in the distro. Given recent revelations about the infected version of the Low-Orbit Ion Cannon, it would be prudent to manually verify all the package checksums before using this.

Here are some of the preinstalled apps on Anonymous-OS:

- ParolaPass Password Generator
- Find Host IP
- Anonymous HOIC
- Ddosim
- Pyloris
- Slowloris
- TorsHammer
- Sqlmap
- Havij
- Sql Poison
- Admin Finder
- John the Ripper
- Hash Identifier
- Tor
- XChat IRC
- Pidgin
- Vidalia
- Polipo
- JonDo
- i2p
- Wireshark
- Zenmap
…and more
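
What checksum verification of a derivative image can and cannot establish, as an added example (not code from the post or from the project): files are compared against a `sha256sum`-format manifest that is assumed to come from a source independent of the image, such as the upstream distribution. The file names, contents and function names below are constructed for illustration.

```python
import hashlib

def parse_manifest(text):
    """Parse `sha256sum`-style lines ("<hex digest>  <path>") into {path: digest}."""
    manifest = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        digest, _, rest = line.partition(" ")
        # Second separator character is " " (text mode) or "*" (binary mode).
        path = rest[1:] if rest[:1] in " *" else rest
        if len(digest) != 64 or not path:
            raise ValueError(f"malformed manifest line: {line!r}")
        manifest[path] = digest.lower()
    return manifest

def audit(files, manifest):
    """Classify every file in the image against the independent manifest."""
    report = {"match": [], "mismatch": [], "unlisted": [], "missing": []}
    for path, data in sorted(files.items()):
        expected = manifest.get(path)
        if expected is None:
            # No independent reference exists: a checksum cannot vouch for this file.
            report["unlisted"].append(path)
        elif hashlib.sha256(data).hexdigest() == expected:
            report["match"].append(path)
        else:
            report["mismatch"].append(path)
    report["missing"] = sorted(set(manifest) - set(files))
    return report

# Constructed sample data, not taken from any real image.
UPSTREAM = {"bin/ls": b"upstream ls", "bin/ssh": b"upstream ssh"}
TRUSTED_MANIFEST = "\n".join(
    f"{hashlib.sha256(d).hexdigest()}  {p}" for p, d in UPSTREAM.items())
IMAGE = {"bin/ls": b"upstream ls",    # unchanged from upstream
         "bin/ssh": b"patched ssh",   # altered in the derivative
         "opt/tool": b"added tool"}   # added by the derivative, no upstream hash

def demo():
    return audit(IMAGE, parse_manifest(TRUSTED_MANIFEST))

if __name__ == "__main__":
    for status, paths in demo().items():
        print(f"{status:9} {paths}")
```

Only the `match` bucket is actually vouched for by the independent source; `unlisted` files, and any manifest shipped inside the image itself, need review by other means.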



  1. uh oh

    1. I wouldn’t even understand Anonymous’s motivation in creating something like this when BackTrack exists…  It looks like it has a couple more/different apps, but geez they aren’t that hard to install.

      1. But… but how can I be anonymous without branding myself as such? All I want to do is show everyone how anonymous I am.

  2. You know that Anonymous has already denounced this as not theirs, and alerted everyone that it’s full of trojans, no?

    1. There is no “Anonymous” to denounce this. Some people working under an Anonymous banner have produced this. One report I’ve seen says that an account run by someone or someones working under an Anonymous banner has denounced this (but didn’t actually link to the denunciation, if it exists).

      No one I’ve seen to date has said, “The following packages in this distro blow their checksums,” much less, “I have discovered the malicious code in these specific packages.”

      As I said, I wouldn’t run this OS until I had verified the checksum on every package, and I think you’d be nuts to do so, as well.

        1. Both @anonops and @youranonnews have confirmed that Anon-OS is fake + infected

          Confirmed…  haha…

          If anyone has found any specific pieces of malware within this distro, please share the specific details. Otherwise, this all just sounds like a bunch of clucking chickens.

          This is probably just basically BackTrack with a different color scheme, desktop picture and assorted penetration tools added to it.

          I wouldn’t be surprised if there was a trojan hidden in there somewhere, but at the same time, I haven’t seen any actual confirmed evidence of malware (yet).

          I also haven’t seen where Cory has told anyone to run this on their grandmother’s computer, either.

          1. From SourceForge’s announcement pulling the project:

            However, as the day progressed, various security experts have had a chance to take a look at what’s really in this distribution, and verify that it is indeed a security risk, and not merely a distribution of security-related utilities, as the project page implies.[…]

            Furthermore, by taking an intentionally misleading name, this project has attempted to capitalize on the press surrounding a well-known movement in order to push downloads of a project that is less than a week old.

          2. Thanks SamSam, I already read that previously. But, once again…. what is the specific security risk? Still just sounds like a bunch of clucking chickens to me. Is there specific malware embedded into the distro? What’s it called? Is it custom malware? Show the code.

            Otherwise… cluck.. cluck… cluck…

      1. “As I said, I wouldn’t run this OS until I had verified the checksum on every package…”

        Against what? Trojan OS is genuinely Trojan.

        Cory, don’t play. Write a story about Disney OS or something.

      2.  Well the Zeus trojan checksum appears legit, so that component of Anonymous-OS ought to work as designed.

    1. Yeah.  I’m pretty sure Cory has things on a queue.  He posted an article about the Kony video well after Xeni posted all of the problems with it.

  3. If I were an entity that was trying to battle forces like Anonymous, this is exactly the type of effort I would make to track as many of them as possible. I’m no hacker but I would be very wary of using a tool like this if I was.

  4. Yeah, checking the checksums is going to do you exactly fuck-all when the original OS was created as a trojan.

    Sure, someone calling himself “Anonymous” created it, and some more (rather well-known and trusted…) people called “Anonymous” warned that this thing is a trojan, but you’re not going to get to the bottom of it unless it’s independently audited by someone with a real name.

    But looking at the checksum will do nothing at all either way, so it’s disingenuous to imply that after doing so you can feel all warm and safe about tweeting the latest from Iran.

    People’s lives can be on the line. You shouldn’t hide behind journalistic balance and say “I’m just reporting what I’m told, I don’t need to find out the truth, and he-said/she-said/all-sides-are-worth-the-same.” If some fairly respected voices in Anonymous are denouncing this as a trojan, you should at least put that in your post.

  5. Source Forge has now removed the download and suspended the project. Their blog post here >

  6. I have a copy of it. I have not had the time to take it apart yet.  Should be interesting.  I have tools for finding and reverse engineering malware, so it should be fun.

  7. Seriously, no one has name checked ParanoidLinux but are pleased to pettifog about the time line for posting this?

    Kudos to Cory who stuck the concept in a book quite some time ago

    1. I don’t see what this has to do with Paranoid Linux. From the about page, it doesn’t look like they added any interesting low-level behavior to Ubuntu Linux. I’m still waiting for someone to build a Paranoid Linux-style system with a secure anonymous mesh network layered on top of the low-level network, and complete distrust of the hardware and the room the OS is sitting in.

  8. Downloading the torrent was a long slog. 

    I’m planning on running it in a virtual machine and watching the traffic on the host interface (via Wireshark). Just for the lulz of seeing what it tries to connect with.

  9. I like that this is pretty much Linux for Dummies, Script Kiddie Edition, powered by NSA.

    Real hackers hopefully have the sense to at least use something better than Ubuntu.

  10. Sounds like a standard false flag distro, trying to capitalize on idiots who think that a hackinthebox kit is a  really stellar, safe way to go about things.

  11. At first I was like “Cory! Haven’t you noticed that it’s covered in trojans?” but then I got as far as “it would be prudent to manually verify all the package checksums before using this” and realised that Cory Doctorow must be trolling us.

    Checksums will tell you nobody opened your lunchbox, they won’t tell you if the sandwich is mouldy.

  12.  Also, if it would be prudent to check first before downloading, isn’t Cory basically admitting that he wasn’t prudent enough to check first before posting?
