Phishers Use Ukraine Invasion To Solicit Cryptocurrency

Phishers are impersonating legitimate aid organisations to steal donations intended for Ukrainian people. 

The threat detection firm Expel has  released new research pertaining to the campaign, in which they detail multiple phishing emails referencing the invasion of Ukraine to target crypto currency. “Since the start of the invasion of Ukraine, threat actors have specifically begun to impersonate legitimate aid organisations to exploit people’s desire to support refugees and victims with donations,” Expel said. 

Malicious emails detected included headlines asking recipients to help save Ukrainian children and seeking donations. One of the individuals who the threat actors impersonated via the phishing emails was Aronov Maxim, a doctor at Smile Children’s Hospital in Ukraine. 

This chain of emails email told targets that a children’s clinic had been destroyed because of the Russian invasion and that donations were needed “to help the sick and wounded children.” Some of the emails claim that the usual portals through which donations are received were currently closed due to the damage brought by the invasions, suggesting a crypto currency donation to a specific digital wallet instead. 

Expel condemned the attacks, stating that the threat actors were taking advantage of the crisis in Ukraine and exploiting its vulnerable population for personal gain. 

Expel advises legitimate donors to check the public wallet address and transaction history before sending money.
It is also thought that Russia could begin to rely on crypto as a form of currency since the “international financial rules and regulations are not as easily applied to cryptocurrency,” says Adam Levin, a cyber security expert and host of the “What the Hack” podcast. “It’s no surprise Russians are using it in the face of economic sanctions,” he says. 

Decrypt:     Oodaloop:      Infosecurity Magazine:      Expel:    Avast:     Time:      Adam Levin

You Might Also Read: 

Ukraine: Spam Website To Reach Millions Of Russians:

« WEBINAR: How To Build A Successful Zero Trust Strategy For Data Analytics
Protecting Your Business From A Supply Chain Attack »

ManageEngine
CyberSecurity Jobsite
Check Point

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Acuity RM Group

Acuity RM Group

Acuity RM Group helps businesses worldwide effectively manage, prioritize and report on their risks to inform strategic and tactical decision-making and build long-term resilience.

Internet Storm Center (ISC)

Internet Storm Center (ISC)

ISC provides a free analysis and warning service to thousands of Internet users and organizations, and is actively working with ISPs to fight back against the most malicious attackers.

Blue Lights Digital

Blue Lights Digital

Blue Lights Digital have developed a range of platforms to support digital investigations, as well as providing continued support and education for investigations professionals.

BLUECYFORCE

BLUECYFORCE

BLUECYFORCE is the leading professional training and cyber defense training organization in France.

Siemens

Siemens

Siemens Industrial Security Services provide solutions for cybersecurity in automation environments based on the recommendations of the international standard IEC 62443.

Soliton

Soliton

Soliton is a leading Japanese technology company and a pioneer in IT security solutions for protecting company resources and data from external IT security threats.

EVOKE

EVOKE

EVOKE is an award-winning Digital Transformation company that partners with its clients to build digital workplace solutions for organizational challenges.

TIM Enterprise

TIM Enterprise

TIM Enterprise offers innovative, sustainable and secure 360-degree digital solutions to companies and public administrations.

PingSafe

PingSafe

PingSafe is creating the next-generation cloud security platform powered by attackers' intelligence, providing coverage for vulnerabilities that traditional security solutions would otherwise overlook

Enterprise Strategy Group

Enterprise Strategy Group

Enterprise Strategy Group, a division of TechTarget, is an IT analyst, research, validation, and strategy firm that provides market intelligence and actionable insight to the global IT community.

Secure Enterprise Engineering (SEE)

Secure Enterprise Engineering (SEE)

SEE provides disruptive cybersecurity system engineering, architecture, and operational capabilities to make our customer’s missions execute faster, smarter, and more securely.

M7 Services

M7 Services

M7 Services are a comprehensive Managed Services Provider (MSP) with a focus on delivering cutting-edge information technology solutions and unparalleled customer service.

Anjolen

Anjolen

Anjolen provides expertise in cybersecurity, compliance and cyber forensic services.

Halo Security

Halo Security

Halo Security is a fast, easy, and scalable external attack surface management platform that gives security leaders deep visibility into their internet-facing assets.

Cyber Dagger

Cyber Dagger

Cyber Dagger is a cybersecurity company driven by a mission to protect digital infrastructures and close the cybersecurity skills gap.

CyVent

CyVent

CyVent helps you select the right cybersecurity solutions at the right price for your unique situation, without the need to invest endless time evaluating the ever-evolving options.