There has been substantial commentary on the role of cyberattacks carried by low-level cybercrime actors in the Russia-Ukraine conflict. We analyse 358k web defacement attacks, 1.7M reflected DDoS attacks, 1764 Hack Forums posts mentioning the two countries, and 441 announcements (with 58k replies) of a volunteer hacking group for two months before and four months after the invasion. We find the conflict briefly but notably caught the attention of low-level cybercrime actors, with significant increases in online discussion and both types of attack targeting Russia and Ukraine. However, there was little evidence of high-profile actions; the role of these players in the ongoing hybrid warfare is minor, and they should be separated from persistent and motivated 'hacktivists' in state-sponsored operations. Their involvement in the conflict appears to have been short-lived and fleeting, with a clear loss of interest in discussing the situation and carrying out both defacement and DDoS attacks against either Russia or Ukraine after a few weeks.

翻译：关于低层级网络犯罪行为体在俄乌冲突中实施的网络攻击作用，学界已有诸多评论。我们分析了入侵前两个月及后四个月内的35.8万起网页篡改攻击、170万次反射型分布式拒绝服务攻击、1764条提及两国的黑客论坛帖子，以及一个志愿黑客组织发布的441条公告（含5.8万条回复）。研究发现，冲突短暂却显著吸引了低层级网络犯罪群体的关注，针对俄乌两国的网络讨论及两类攻击数量均显著增加。然而，鲜有证据表明其采取了高调行动：这些参与者在持续混合战争中的作用有限，应将其与受国家支持的持续性、动机明确的"黑客行动主义者"区分开。他们对冲突的参与呈现短暂性特征，数周后便明显丧失对讨论局势及对俄乌双方实施网页篡改和DDoS攻击的兴趣。