Beware Crypto Donation Requests For Ukraine

Check Point Research (CPR) is warning  the public to not donate to Ukraine via the Darknet, as cyber criminals are looking to quickly exploit the high-interest in the Russia-Ukraine conflict.  CPR has seen a trend where advertisements that request donations to Ukrainians are appearing on the Darknet. 

While some advertisements are legitimate, many are fraudulent and CPR provides examples of both. All the fake advertisements are requesting donation funds in the form of cryptocurrency. 

The Darknet is a part of the Internet that isn’t visible to search engines, requiring the use of anonymised browsers for access.

In one example, a woman alleging to be named “Marina” requests donations via a personal photo. CPR followed the trail to learn the image was taken from a German newspaper.  A short description states that ‘Marina’ and her children are trying to escape Ukraine due to the “very bad situation” and are asking money, to be donated in cryptocurrency, to do so.

The appeal also states, “Every coin helps”. Whilst the QR codes attached are addresses to crypto currency wallets. 

In another example, a Darknet advertisement points to a legitimate website that has already raised nearly $10 million in crypto in donation funds.This website is calling people to “Help the Ukrainian army and their wounded, as well as the families and children caught in the developing conflict”. It also refers to the “Defend Ukraine” Twitter account.

The website domain was registered on the 16th of February, a week before the war in Ukraine started. The site itself is simple and contains a list of different organisations and NGOs in Ukraine, as well as Crypto Currency, Bitcoin, Ethereum, and USDT.  All of the advertisements request donations in the form of crypto currency. No other information seems to be provided, raising questions about the overall authenticity and legitimacy of the page.

CPR urges potential donors seeking to help the Ukrainians to beware of the links they go to and the websites used to send funds using  fraudulent donation pages to aid Ukraine on the Darknet.

Oded Vanunu, Head of Product Vulnerabilities Research, at Check Point Software commented “CPR has always taken a close look at the Darknet. Last year, we found advertisements for fake coronavirus services. Now, we’re seeing donation scams appear on the Darknet, as the Russia-Ukraine conflict intensifies. These advertisements are using fake names and personal stories to lure people into donating... In one example, we saw someone alleging to be the name ‘Marina’, displaying a personal photo with her children in hand. It turns out that the image is actually taken from a German newspaper.

“At the same time, we’re seeing legitimate advertisements for donations to help Ukrainians, where we show one example that managed to raise nearly ten million dollars... Thus, legitimate and fraudulent advertisements are being mixed on the Darknet. The Darknet can be a dangerous place. I strongly urge anyone looking to donate to use trusted sources and mediums. CPR will continue to monitor the Darknet throughout the ongoing war and report any other wrongdoing.”

Check Point:      Deutsche Welle: 

You Might Also Read: 

Ukraine: Spam Website To Reach Millions Of Russians:

 

« Deep-Fake Information Warfare
Zelensky Deepfake Tells Ukrainians To ‘lay down arms’ »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Via Resource

Via Resource

Via Resource specialise in Information and Cyber Security recruitment in the UK, Europe and USA.

IOActive

IOActive

IOActive serves as a trusted security advisor to the Global 500 and other progressive enterprises, helping to safeguard their most important assets and improve their overall security posture.

Orolia

Orolia

Orolia are experts in deploying high precision GPS time through network infrastructure to synchronize critical operations.

International Association for Cryptologic Research (IACR)

International Association for Cryptologic Research (IACR)

(IACR is a non-profit scientific organization whose purpose is to further research in cryptology and related fields.

CERT-PY

CERT-PY

CERT-PY is the national Computer Emergency Response Team for Paraguay.

Checksum Consultancy

Checksum Consultancy

Checksum Consultancy specializes in Information security, Risk management, and IT governance.

First Point Group (FPG)

First Point Group (FPG)

First Point Group provide a global technological recruitment service worldwide. Within that we have a specialist team of Cyber Security recruiters.

H3Secure

H3Secure

H3 Secure focuses on Secure Data Erasure Solutions, Mobile Device Diagnostics and Information Technology Security Consulting.

National Cybersecurity Competence Centre (NC3)

National Cybersecurity Competence Centre (NC3)

NC3 has been established in response to growing demands for practically applicable products and solutions for ensuring cybersecurity of critical and non-critical information infrastructures.

Network Utilities (NetUtils)

Network Utilities (NetUtils)

Network Utilities provide identity centric network and security solutions to organisations from Telecoms and ISPs to SMEs and large corporates.

Global Cybersecurity Institute - Rochester Institute of Technology (RIT)

Global Cybersecurity Institute - Rochester Institute of Technology (RIT)

At RIT’s Global Cybersecurity Institute, we educate and train cybersecurity professionals; develop new cybersecurity and AI-based knowledge for industry, academia, and government.

Bugbank

Bugbank

Bugbank (aka Vulnerability Bank) is a leading SaaS platform for internet security services in China.

Synoptek

Synoptek

Synoptek is a global systems integrator and managed IT services provider (MSP). We offer comprehensive IT management and consultancy services to organizations worldwide.

Bastazo

Bastazo

Bastazo provides tools for vulnerability and patch management. Focus your cybersecurity operations on vulnerabilities with the highest risk of exploitation.

Sev1Tech

Sev1Tech

Sev1Tech is a leading provider of IT modernization, cloud, cybersecurity, engineering, fielding, training, and program support services.

Oduma Solutions

Oduma Solutions

Oduma Solutions is a wholly owned Ghanaian Cybersecurity company that offers information security services to organisations seeking to improve their security posture.