![](https://i.imgur.com/CLvY2jA.png")
01-04-2022, 04:29 PM
In Act of Hacktivism (terrorism?), Open Source Project Maintainer Uses Code to Wipe Russian and Belarusian Computers
https://www.cpomagazine.com/cyber-securi...computers/
Open source community stunned as project manager distributes malicious code
Hosted on Github, the “node-ipc” package is a highly popular networking tool that is used all over the world and has at times been downloaded a million times per week. A project manager going by “RIAEvangelist” added two new modules to a recent update: “peacenotwar” and “oneday-test,” which they described as “protestware.”
RIAEvangelist says that these modules were supposed to place an anti-war message on the desktops of users with a Russian or Belarusian IP address, calling it a “non-destructive example of why controlling your node modules is important.” What actually ended up happening for some users in those countries is that files began to be overwritten with a heart symbol.
RIAEvangelist claimed that this was not intentional and that his Twitter account was being targeted by hackers, and then seemed to flee from the internet in the face of a massive tide of outrage. His last update to the node-ipc page indicated that people had been sending him pizzas as a harassment technique and that someone may have sent a SWAT team to his home.
Going by the comments on the Github page, the open source community very much did not support this attempt at hacktivism. The offending version has since been removed.
https://www.cpomagazine.com/cyber-securi...computers/
Open source community stunned as project manager distributes malicious code
Hosted on Github, the “node-ipc” package is a highly popular networking tool that is used all over the world and has at times been downloaded a million times per week. A project manager going by “RIAEvangelist” added two new modules to a recent update: “peacenotwar” and “oneday-test,” which they described as “protestware.”
RIAEvangelist says that these modules were supposed to place an anti-war message on the desktops of users with a Russian or Belarusian IP address, calling it a “non-destructive example of why controlling your node modules is important.” What actually ended up happening for some users in those countries is that files began to be overwritten with a heart symbol.
RIAEvangelist claimed that this was not intentional and that his Twitter account was being targeted by hackers, and then seemed to flee from the internet in the face of a massive tide of outrage. His last update to the node-ipc page indicated that people had been sending him pizzas as a harassment technique and that someone may have sent a SWAT team to his home.
Going by the comments on the Github page, the open source community very much did not support this attempt at hacktivism. The offending version has since been removed.
