Hackers play Asteroids on US government websites

Graham Cluley
Graham Cluley
@[email protected]

Asteroids gameHackers – operating under the flag of the Anonymous movement – have hacked various US government websites in a continuing protest over the treatment of Aaron Swartz, the internet activist who commited suicide earlier this month.

And what have the hackers done with their unauthorised access to the websites? They’ve embedded a secret Asteroids game.

Swartz, you will remember, was facing trial on charges that he used MIT’s network to grab millions of articles from the non-for-profit academic journal archive JSTOR, with the aim of republishing them without restriction.

Anonymous hacktivists have threatened to leak sensitive government information in protest over Swartz’s death, but while the world is waiting to see if they do publish confidential stolen US government data their Asteroids antics are getting more attention.

Sign up to our free newsletter.
Security news, advice, and tips.

The first website to reportedly fall to the Asteroids hack in “Operation Last Resort” was the US Sentencing Commission, the body which establishes sentencing policies for federal courts.

That site was cleaned up over the weekend, but at the time of writing the website belonging to the Eastern District of Michigan’s United States Probation Office has been found to also be carrying the Asteroids payload.

A game of Nyan-cat flavoured Asteroids will begin if you enter the following “Konami code”: ↑ ↑ ↓ ↓ ← → ← → (up up, down down, left right, left right on the cursor keys) then press “B”, “A” and “Enter”.

First of all you’ll see a message..

Message pops-up on US government website

.. and then the Asteroids game begins, the website slowly disintegrating as you shoot it up with your lasers:

Asteroids game reveals image of Aaron Swartz

To have one website fall foul of Asteroid-loving hackers may be regarded as a misfortune; but to have two looks like carelessness.

Asteroids code embedded in website

If you run a website make sure you are doing everything to keep it as secure as possible – for both your company’s sake, and that of your users. If you haven’t already done so, read this informative paper by SophosLabs, “Securing websites”, which covers some of the issues.

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.