There has been substantial commentary on the role of cyberattacks carried by low-level cybercrime actors in the Russia-Ukraine conflict. We analyse 358k web defacement attacks, 1.7M reflected DDoS attacks, 1764 Hack Forums posts mentioning the two countries, and 441 announcements (with 58k replies) of a volunteer hacking group for two months before and four months after the invasion. We find the conflict briefly but notably caught the attention of low-level cybercrime actors, with significant increases in online discussion and both types of attack targeting Russia and Ukraine. However, there was little evidence of high-profile actions; the role of these players in the ongoing hybrid warfare is minor, and they should be separated from persistent and motivated 'hacktivists' in state-sponsored operations. Their involvement in the conflict appears to have been short-lived and fleeting, with a clear loss of interest in discussing the situation and carrying out both defacement and DDoS attacks against either Russia or Ukraine after a few weeks.

翻译：关于低层级网络犯罪行为者在俄乌冲突中实施网络攻击的作用，学界已有大量评述。我们分析了攻击前后两个月及入侵后四个月期间的数据，包括35.8万次网页篡改攻击、170万次反射式DDoS攻击、1764条提及两国信息的黑客论坛帖文，以及一个志愿黑客组织发布的441条公告（含5.8万条回复）。研究发现，冲突短暂但显著地吸引了低层级网络犯罪行为者的关注，针对俄罗斯和乌克兰的在线讨论及两类攻击数量均大幅上升。然而，鲜有证据表明这些行为者实施了高调行动；他们在持续混合战争中的作用微乎其微，应将其与受国家支持的持续且动机明确的“黑客活动分子”区分开来。这些行为者对冲突的参与似乎短暂且转瞬即逝，数周后便明显丧失了对讨论局势及对俄乌两国实施网页篡改与DDoS攻击的兴趣。