After a pirating operation called Megaupload was put out of business, the criminals at Anonymous decided to launch attacks on various targets they thought should pay for enforcing the law, such as the U.S. Department of Justice, RIAA, etc.
So some unknown member (aren't they all?) put out a list of attack tools called "Idiot's Guide to Be Anonymous". And the criminal geniuses downloaded and installed.
Now here is the funny part - It turns out that one popular attack tool, called "Slowloris", was actually malware. Someone had inserted the "Zeus" Trojan into it. So while the happy little Anons attacked their preferred targets, their email account data, bank account data and more was being stolen. "Idiot's Guide to Be Anonymous" - how very appropriate.
Of all the things I've seen read about this, my favorite is definitely:
So congratulations script kiddies, I'm sure the satisfaction of knocking a few websites offline for a couple of hours in that online tantrum was totally worth opening your collective wallets to the Internet. I'm equally sure that whichever slick sumbitch that inserted the Zeus and effortlessly exploited your blind, slavering, eagerness to be part of the crowd shares your high-minded ideals about IP protection policies. (from Gizmodo)
Anonymous supporters attacked, their bank data vulnerable
Anonymous Members Hacked During Their Own DDoS Attacks