The owner of an apartment in Veliky Novgorod in Russia has been arrested for discrediting the country’s armed forces after a neighbor alerted the police to the message ‘Slava Ukraini’ scrolling across their LED curtains.

When police went to the scene, they saw the garland which the owner had hung in celebration of the New Year and a “slogan glorifying the Armed Forces of Ukraine,” as a spokesperson for the Ministry of Internal Affairs told state-owned news agency TASS.

The apartment owner said the garland was supposed to display a “Happy New Year” greeting, TASS reported.

Several other people in Russia described a similar experience on the AlexGyver web forum, linked to a DIY blog popular in the country. They said at the stroke of midnight on New Year’s Eve, their LED curtains also began to show the “Glory to Ukraine” message in Ukrainian.

It is not clear whether any of these other posters were also arrested. The man in Veliky Novgorod will have to defend his case in court, according to TASS. Police have seized the curtain itself.

An independent investigation into the cause of the message by the AlexGyver forum users found that affected curtains all used the same open-source firmware code.

The original code appears to have originated in Ukraine before someone created a fork translated into Russian. According to the Telegram channel for AlexGyver, the code had been added to the original project on October 18, and then in December the people or person running the fork copied and pasted that update into their own version.

“Everyone who downloaded and updated the firmware in December received a gift,” the Telegram channel wrote. The message was “really encrypted, hidden from the ‘reader’ of the code, and is displayed on the first day of the year exclusively for residents of Russia by [geographic region].”

Oleg Shakirov, an independent Russian cyber policy researcher, compared on social media the LED incident to other examples of open-source software manipulation within the context of protesting the invasion of Ukraine.

These included an intentional amendment to the JavaScript library node-ipc that checked to see if its host machine used an IP address based in Russia or Belarus, and if it did write over all of the device’s files with a heart symbol, as reported by The Register.

Beyond the consequences for the arrested man, the LED prank is unlikely to be remembered as one of the more significant cyber actions of the war between Russia and Ukraine, although it highlights the potential vulnerabilities caused by software dependencies.

Last month, an investigation by Radio Free Europe reported that Russia’s intelligence services might have been obtaining video footage from thousands of Ukrainian surveillance cameras equipped with a Russian software program known as Trassir.

On Tuesday, Ukraine’s security officers said they took down two online surveillance cameras that were allegedly hacked by Russia to spy on air defense forces and critical infrastructure in Ukraine’s capital, Kyiv.

Numerous supply chain attacks have been observed during the course of the conflict, with Google’s Mandiant unit last year warning that hackers had been targeting Ukrainian government networks using fake Windows installers.

In March of last year, Rosaviatsia — responsible for regulating civil aviation in Russia — reportedly had to switch to pen and paper after a reported supply-chain attack, resulting in the collapse of its entire network and the loss of more than a year’s worth of emails. The agency denied the reports.

  • u/lukmly013 💾 (lemmy.sdf.org)
    link
    fedilink
    English
    -1011 months ago

    OK, I think this is taken a bit too far. It’s targeted at civilians. Just civilians. And clearly stuff like this is being taken too seriously in Russia. It might not be limited to just an arrest, which is already pretty bad, but who knows if those people might also get beaten up or worse.
    That’s too much of a risk for a prank.

    …These included an intentional amendment to the JavaScript library node-ipc that checked to see if its host machine used an IP address based in Russia or Belarus, and if it did write over all of the device’s files with a heart symbol, as reported by The Register…

    That’s just killing your project by turning it into malware. Malware that’s again just targeted at everyone. Also, determining position just by IP can get pretty inaccurate.

    If something like this is done, why not rather create a README file with instructions on how to safely access parts of web blocked in Russia and safely communicate with outside? Regular people just trust the lock icon on the browser, so it could benefit them.
    But still, that’s making the program do something it’s not supposed to, bringing in distrust.

    • @[email protected]
      link
      fedilink
      English
      2411 months ago

      If anyone is targeting the civilians that would be the russian police state itself. The curtain simply displays things, not even actually discrediting anyone. And maybe that should add another little incentive for the russian people to check their attitude towards the government and the state of things. “It doesn’t concern me” works well only until it doesn’t.

      • u/lukmly013 💾 (lemmy.sdf.org)
        link
        fedilink
        English
        711 months ago

        And maybe that should add another little incentive for the russian people to check their attitude towards the government and the state of things.

        Hmm, didn’t think of it this way.