Avast is deeply saddened by the Ukraine conflict. We have employees and customers in both countries and are monitoring the situation very closely. We are focused as a priority on ensuring our people are safe and providing the support and help they and their families need at this challenging time. We are also dedicated to maintaining where possible our services and products to our users and our threat intelligence team has been working to quickly identify the new threats that are arising as a result of the conflict.
Statements from Michal Salat, Threat Intelligence Director at Avast
March 1, 2022
We have identified initiatives being shared through social media that encourage regular people to become hackers, by downloading DDoS tools to support DDoS attacks on Russian targets. The analysis of one of these tools shows that it isn’t secure, as it collects personal data that can make users identifiable, such as your IP address, country code, city, location derived from IP address, user name, hardware configuration and system language. Since the configuration is downloaded from a remote server, the tool can also support a DDoS attack on any target the server operator/ tool author picks without you knowing.
Although people might find it compelling to join these cyber forces as a way to voice their opinion on the war, it is still a cyber attack with all consequences. Users may think these tools provide a way to anonymously attack certain targets, however, they don’t protect the privacy and anonymity of the user, and can put the person at risk of retaliation attacks.
We strongly recommend that people do not engage with these initiatives, as they will escalate the situation and the “simple user-friendly tools” shared through these initiatives can be a privacy and security risk for the person downloading it.
February 25, 2022
Scammers have started to lure money out of people by pretending they are Ukrainians in desperate need of financial help. In the past, we have seen similar lures for people stuck while travelling or looking for love. Attackers do not have any moral barriers and will use any opportunity to get money out of people willing to help.
We strongly advise not to send any money, especially in any form of cryptocurrency. If you’d like to help people in Ukraine, please do so through a trusted organization operating in that region.
We also advise that consumers in both countries take steps to protect themselves from the anticipated higher volume of cyberattacks. They should ensure that their computer is fully updated (both system and applications), use quality security software, and pay the utmost attention to unexpected emails or chat links. It is important to remember that there will now be a massive spread of misinformation about the crisis, and cyber attackers (whether politically motivated or not) will take advantage of this.