Beware Crypto Donation Requests For Ukraine

Uploaded on 2022-04-19 in GOVERNMENT-Law Enforcement, FREE TO VIEW

Check Point Research (CPR) is warning  the public to not donate to Ukraine via the Darknet, as cyber criminals are looking to quickly exploit the high-interest in the Russia-Ukraine conflict.  CPR has seen a trend where advertisements that request donations to Ukrainians are appearing on the Darknet. 

While some advertisements are legitimate, many are fraudulent and CPR provides examples of both. All the fake advertisements are requesting donation funds in the form of cryptocurrency. 

The Darknet is a part of the Internet that isn’t visible to search engines, requiring the use of anonymised browsers for access.

In one example, a woman alleging to be named “Marina” requests donations via a personal photo. CPR followed the trail to learn the image was taken from a German newspaper.  A short description states that ‘Marina’ and her children are trying to escape Ukraine due to the “very bad situation” and are asking money, to be donated in cryptocurrency, to do so.

The appeal also states, “Every coin helps”. Whilst the QR codes attached are addresses to crypto currency wallets. 

In another example, a Darknet advertisement points to a legitimate website that has already raised nearly $10 million in crypto in donation funds.This website is calling people to “Help the Ukrainian army and their wounded, as well as the families and children caught in the developing conflict”. It also refers to the “Defend Ukraine” Twitter account.

The website domain was registered on the 16th of February, a week before the war in Ukraine started. The site itself is simple and contains a list of different organisations and NGOs in Ukraine, as well as Crypto Currency, Bitcoin, Ethereum, and USDT.  All of the advertisements request donations in the form of crypto currency. No other information seems to be provided, raising questions about the overall authenticity and legitimacy of the page.

CPR urges potential donors seeking to help the Ukrainians to beware of the links they go to and the websites used to send funds using  fraudulent donation pages to aid Ukraine on the Darknet.

Oded Vanunu, Head of Product Vulnerabilities Research, at Check Point Software commented “CPR has always taken a close look at the Darknet. Last year, we found advertisements for fake coronavirus services. Now, we’re seeing donation scams appear on the Darknet, as the Russia-Ukraine conflict intensifies. These advertisements are using fake names and personal stories to lure people into donating... In one example, we saw someone alleging to be the name ‘Marina’, displaying a personal photo with her children in hand. It turns out that the image is actually taken from a German newspaper.

“At the same time, we’re seeing legitimate advertisements for donations to help Ukrainians, where we show one example that managed to raise nearly ten million dollars... Thus, legitimate and fraudulent advertisements are being mixed on the Darknet. The Darknet can be a dangerous place. I strongly urge anyone looking to donate to use trusted sources and mediums. CPR will continue to monitor the Darknet throughout the ongoing war and report any other wrongdoing.”

Check Point:      Deutsche Welle: 

You Might Also Read: 

Ukraine: Spam Website To Reach Millions Of Russians:

 

« Deep-Fake Information Warfare
Zelensky Deepfake Tells Ukrainians To ‘lay down arms’ »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

HyTrust

HyTrust

HyTrust specialises in security, compliance and control software for virtualization and cloud environments.

NetMonastery DNIF

NetMonastery DNIF

NetMonastery is a network security company which assists enterprises in securing their network and applications by detecting threats in real time.

Rewertz

Rewertz

Rewterz is a cyber security company based out of Dubai, serving customers in UAE, Oman, Qatar, Bahrain, Saudi Arabia, and Pakistan.

Relution

Relution

Relution is the Unified Endpoint Management platform for innovative companies and educational institutions. It enables you to manage your mobile apps and devices easily and securely.

Ampliphae

Ampliphae

Ampliphae gives you an easy-to-deploy, sophisticated and affordable cloud-discovery, security and compliance platform.

UMBRA

UMBRA

UMBRA is solely concerned with protecting governments against Nation State attacks. We are not a consumer or enterprise company.

Venkon

Venkon

Venkon provides effective and unique solutions to cyber-security threats and IT compliance requirements of your organization.

Hunter Strategy

Hunter Strategy

Hunter Strategy focuses on delivering solutions that are concise, scalable, and target our customer’s complex technical challenges.

Senserva

Senserva

Senserva delivers a deep analysis for security user accounts and applications within the Microsoft cloud environment.

Hybrid Identity Protection Conference (HIP)

Hybrid Identity Protection Conference (HIP)

Hybrid Identity Protection (HIP) is the premier educational forum for identity-centric cybersecurity practitioners charged with defending hybrid cloud environments.

Prima Cyber Solutions (PCS)

Prima Cyber Solutions (PCS)

Prima Cyber Solutions is focused on protecting your business from the massive and devastating impacts that cyber-attacks may cause.

IN4 Group

IN4 Group

IN4 Group is a skills, innovation and start-up services provider that specialises in supporting businesses with the training, communities, networks and advice they need to scale.

Cybergroot

Cybergroot

Cybergroot provides Cybersecurity Assessment services and professional Information Security trainings.

SYN Ventures

SYN Ventures

SYN Ventures invests in disruptive, transformational solutions that reduce technology risk.

Rhymetec

Rhymetec

Rhymetec are an industry leader in cloud security, providing innovative cybersecurity and data privacy services to the modern-day SaaS business.

Queen Consulting & Technologies

Queen Consulting & Technologies

Queen Consulting & Technologies specialize in providing IT support, management, and Security to Gov’t Contractors, CPAs, and Nonprofits.