Low Orbit Ion Cannon, which is designed to flood websites with connections, included ZeuS, Symantec reports. Users who have installed this tool on their computers were infected by a Trojan.
ZeuS Trojan performs DDoS attacks, but it's not the hole deal. It also steals users’ banking credentials, webmail logins and cookies.
The Trojan was built into the tool that Anonymous use to perform DDoS attacks on 20 January 2012, the same day as the FBI raided Megaupload. On a popular Pastebin guide an attacker modified the link that Anonymous use for downloading the denial-of-service tool. He changed this link to a Trojanized version of this tool.
The members of hactivists group Anonymous posted in Twitter: “Anonymous supporters tricked into installing Zeus trojan. This MUSTN'T happen. Be careful what you post and click on!”.