Pro-Ukraine ‘Protestware’ Pushes Geo-Targeted Malware


The idea of using popular modules as “protestware” to deploy destructive payloads runs the risk of undermining trust in open-source software.

“Ukrainian and non-Ukrainian developers are modifying their public software to trigger malware or pro-Ukraine ads when deployed on Russian computers,” said Alex Holden, a native Ukrainian who runs the Milwaukee-based cyber intelligence firm Hold Security.

Commenting on the malicious code added to the “Vue-cli” application, GitHub user “nm17” said a continued expansion of protestware would erode public trust in open-source software.

“The Pandora’s box is now opened, and from this point on, people who use opensource will experience xenophobia more than ever before, EVERYONE included,” NM17 wrote. “The trust factor of open source, which was based on good will of the developers is now practically gone, and now, more and more people are realizing that one day, their library/application can possibly be exploited to do/say whatever some random dev on the internet thought ‘was the right thing they to do.’ Not a single good came out of this ‘protest.’”

Read More at Krebs on Security

Read the rest at Krebs on Security