• Cryptocurrency
  • Earnings
  • Enterprise
  • About TechBooky
  • Submit Article
  • Advertise Here
  • Contact Us
TechBooky
  • African
  • AI
  • Metaverse
  • Gadgets
Generic selectors
Exact matches only
Search in title
Search in content
Post Type Selectors
  • African
  • AI
  • Metaverse
  • Gadgets
Generic selectors
Exact matches only
Search in title
Search in content
Post Type Selectors
TechBooky
Generic selectors
Exact matches only
Search in title
Search in content
Post Type Selectors
Home Security

After ‘Protestware’ Attacks, Russian Bank Warns On Updating Software

Olagoke Ajibola by Olagoke Ajibola
March 23, 2022
in Security
Share on FacebookShare on Twitter

After 'protestware' attacks, a Russian bank has advised clients to stop  updating software - The Verge

As Russian forces continue to invade and attack the Ukrainian community, the consequences of these actions continue to take a devastating toll on the technology sector including open-source software development. Recently, Sberbank – Russians largest bank made an announcement to its customers to temporarily halt the installation of software updates to any application after a “protestware” attack targeted Russian and Belarusian users. This call was made out of concern that these software updates may contain some form of malicious code that is specifically targeted at unsuspecting Russian users.

According to a Russian news source, Sberbank mentioned that “Currently, cases of provocative media content being introduced into freely distributed software have become more frequent. In addition, various content and malicious code can be embedded in freely distributed libraries used for software development. The use of such software can lead to malware infection of personal and corporate computers, as well as IT infrastructure.” Sberbank didn’t say it had fallen victim to an attack, but the bank decided to warn its clients about the threat of malicious code being “embedded in freely distributed libraries used for software development.” The Russian bank has advised that when there is an urgent need to use the software, users should ensure they scan such files with an antivirus or manually review the source code. Few Russians have considered this suggestion by Sberbank as likely impractical, if not impossible, for most users who aren’t tech-savvy.

According to The Verge News, the reasons for this announcement has been referenced to an incident that happened in March, where the developer of a widely used JavaScript library added an update that overwrote files on machines located in Russia or Belarus. Supposedly implemented as a protest against the war, the update raised alarm from many in the open-source community, with fears that it would undermine confidence in the security of open-source software overall. The update was made in a JavaScript module called node-ipc, which, according to the NPM package manager, is downloaded around 1 million times per week and used as a dependency by the popular front-end development framework Vue.js.

According to other reports from another news source The Register, updates to node-ipc made on March 7th and March 8th added code that checked whether the IP address of a host machine was geolocated in Russia or Belarus, and if so, overwrote as many files as possible with a heart symbol. A later version of the module dispensed with the overwriting function and instead dropped a text file on users’ desktops containing a message that “war is not the answer, no matter how bad it is,” with a link to a song by Matisyahu.

After 'protestware' attacks, a Russian bank has advised clients to stop  updating software - Verve times

Although reports say that the most destructive features of the “protestware” module no longer appear in the code, however, the consequences have proven harder to undo. Since open-source libraries are essential for software development, a wide-ranging loss of trust in their integrity could have knock-on big effects for users in Russia and elsewhere.

In a tweet, cybersecurity analyst Selena Larson has referred to it as “forced insecurity”; in general, the open-source community has openly criticized protestware and the updates to node-ipc in particular, saying it undermines trust in the open-source system. Because of how integral open-source code is to every computer system, the fallout from a protestware attack can also be unpredictable and cause massive collateral damage.

More broadly, the ongoing Russian-Ukraine unrest has posed difficult ethical problems to the Russian technology sector. While global tech leaders like Amazon, Apple, Sony and the rest of them have halted sales and businesses in the Russian market, others are keen on remaining in business with Russia. In a blog post recently, Cloudflare CEO Matthew Prince confirms his company would continue to provide service in Russia despite pressure to call it to quit, in the blog post he wrote “Russia needs more Internet access, not less.”

Related Posts:

  • Russian Ministry Website Seems To Have Been Hacked By Ukraine Supporters, Searches For The Site Show “Glory to Ukraine” Results
    Russian Ministry Website Seems To Have Been Hacked…
  • Circle-droid_1@2x
    Google Develops Android OS Privately Amid Strategy Shift
  • app icons, social media, search _ logo, google, engine, software_md
    Google Announces Deactivation of AdSense Accounts in Russia
  • GitHub Incorporates GPT-4 Chatbot To Complete The Copilot X Code Snippet Generator.
    GitHub Incorporates GPT-4 Chatbot To Complete The…
  • OUXSPAPPUVK27H6RHKQWKLT4VI
    OpenAI Is Developing A New Language Model Open Source AI
  • skynews-russia-hacker_5812455
    Russian Hackers Target WhatsApp for Data on Ukraine
  • 18bAvv_0lWhr7GO00
    Twitter Source Code Was Leaked On GitHub, Looking…
  • Screenshot 2024-10-03 at 15.34.40
    GitHub Copilot Surpasses 15 Million Users

Discover more from TechBooky

Subscribe to get the latest posts sent to your email.

Tags: businesscodedevelopmentgovernmentinternetnew featureopen sourceprotestwarerussiaRussiansecuritysmartphonesoftwareUpdateusers
Olagoke Ajibola

Olagoke Ajibola

Olagoke Ajibola is a creative writer and content producer with an eye for details and excellence. He has a demonstrated history of telling stories for TV, Film and Online. Aside from being fascinated by the power of imagination, his other interest are travel, sport, reading and meeting people.

BROWSE BY CATEGORIES

Select Category

    Receive top tech news directly in your inbox

    subscription from
    Loading

    Freshly Squeezed

    • DOJ Reportedly Investigates Google’s Character.AI Partnership May 23, 2025
    • Sony Organises A PlayStation Event for June; A State of Play May 23, 2025
    • Microsoft’s New AI features in Notepad, Paint, & Snipping Tool Test Trials May 23, 2025
    • Bluesky Starts Confirming “Notable” Users May 23, 2025
    • Affiniti Raises $17M for AI-Powered Small Business Finance May 22, 2025
    • Absolute Zero’ AI Achieves Top-Level Reasoning Without Human Data May 22, 2025

    Browse Archives

    May 2025
    MTWTFSS
     1234
    567891011
    12131415161718
    19202122232425
    262728293031 
    « Apr    

    Quick Links

    • About TechBooky
    • Advertise Here
    • Contact us
    • Submit Article
    • Privacy Policy

    Recent News

    DOJ Reportedly Investigates Google’s Character.AI Partnership

    DOJ Reportedly Investigates Google’s Character.AI Partnership

    May 23, 2025
    Sony Organises A PlayStation Event for June; A State of Play

    Sony Organises A PlayStation Event for June; A State of Play

    May 23, 2025
    Microsoft’s New AI features in Notepad, Paint, & Snipping Tool Test Trials

    Microsoft’s New AI features in Notepad, Paint, & Snipping Tool Test Trials

    May 23, 2025
    Bluesky Starts Confirming “Notable” Users

    Bluesky Starts Confirming “Notable” Users

    May 23, 2025
    Affiniti Raises $17M for AI-Powered Small Business Finance

    Affiniti Raises $17M for AI-Powered Small Business Finance

    May 22, 2025
    Absolute Zero’ AI Achieves Top-Level Reasoning Without Human Data

    Absolute Zero’ AI Achieves Top-Level Reasoning Without Human Data

    May 22, 2025
    • Login

    © 2021 Design By Tech Booky Elite

    Generic selectors
    Exact matches only
    Search in title
    Search in content
    Post Type Selectors
    • African
    • Artificial Intelligence
    • Gadgets
    • Metaverse
    • Tips
    • About TechBooky
    • Advertise Here
    • Submit Article
    • Contact us

    © 2021 Design By Tech Booky Elite

    Discover more from TechBooky

    Subscribe now to keep reading and get access to the full archive.

    Continue reading

    We use cookies to ensure that we give you the best experience on our website. If you continue to use this site we will assume that you are happy with it.Ok