As the Russian invasion of Ukraine draws on, consequences are being felt by many parts of the technology sector, including open-source software development.
In a recent announcement, the Russian bank Sber advised its customers to temporarily stop installing software updates to any applications out of concern that they could contain malicious code specifically targeted at Russian users, labeled by some as “protestware.”
As quoted in Russian-language news sites, Sber’s announcement reads:
Currently, cases of provocative media content being introduced into freely distributed software have become more frequent. In addition, various content and malicious code can be embedded in freely distributed libraries used for software development. The use of such software can lead to malware infection of personal and corporate computers, as well as IT infrastructure.
Where there was an urgent need to use the software, Sber advised clients to scan files with an antivirus or carry out manual review of source code — a suggestion that is likely to be impractical, if not impossible, for most users.