A game, developed by the so-called IT Army of Ukraine, makes it easy for anyone around the world to contribute to the overloading of Russian websites while playing a version of the simple sliding puzzle “2048”.
According to an FAQ published by the game’s developers, the “Play for Ukraine” game “doesn’t do any harm to your browser” but does “rely on a steady torrent of automated traffic to knock a target websites (sic) offline.”
The game’s developers recommend that Ukraine-based players turn on their VPN before beginning to play the game and participating in the denial-of-service attack, in order to hide their IP address.
Play for Ukraine’s FAQ declines to reveal which websites will be targeted by the game – aside from saying they are sites that “serve the Russian army.”
My advice would be to be extremely cautious. You have no control over what websites the game might target with unwanted traffic, and there’s always the possibility – however remote – that the game might be tampered with to launch attacks against websites outside Russia, or ones that you would rather not poke with a pointy stick.
In the past, hacktivists have used simple tools such as the Low Orbit Ion Cannon to launch DDoS attacks without adequately covering their tracks, and ended up in court as a result.
Found this article interesting? Follow Graham Cluley on Twitter or Mastodon to read more of the exclusive content we post.