Phishers Use Ukraine Invasion To Solicit Cryptocurrency

Phishers are impersonating legitimate aid organisations to steal donations intended for Ukrainian people. 

The threat detection firm Expel has  released new research pertaining to the campaign, in which they detail multiple phishing emails referencing the invasion of Ukraine to target crypto currency. “Since the start of the invasion of Ukraine, threat actors have specifically begun to impersonate legitimate aid organisations to exploit people’s desire to support refugees and victims with donations,” Expel said. 

Malicious emails detected included headlines asking recipients to help save Ukrainian children and seeking donations. One of the individuals who the threat actors impersonated via the phishing emails was Aronov Maxim, a doctor at Smile Children’s Hospital in Ukraine. 

This chain of emails email told targets that a children’s clinic had been destroyed because of the Russian invasion and that donations were needed “to help the sick and wounded children.” Some of the emails claim that the usual portals through which donations are received were currently closed due to the damage brought by the invasions, suggesting a crypto currency donation to a specific digital wallet instead. 

Expel condemned the attacks, stating that the threat actors were taking advantage of the crisis in Ukraine and exploiting its vulnerable population for personal gain. 

Expel advises legitimate donors to check the public wallet address and transaction history before sending money.
It is also thought that Russia could begin to rely on crypto as a form of currency since the “international financial rules and regulations are not as easily applied to cryptocurrency,” says Adam Levin, a cyber security expert and host of the “What the Hack” podcast. “It’s no surprise Russians are using it in the face of economic sanctions,” he says. 

Decrypt:     Oodaloop:      Infosecurity Magazine:      Expel:    Avast:     Time:      Adam Levin

You Might Also Read: 

Ukraine: Spam Website To Reach Millions Of Russians:

« WEBINAR: How To Build A Successful Zero Trust Strategy For Data Analytics
Protecting Your Business From A Supply Chain Attack »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

DataGuidance

DataGuidance

DataGuidance is a platform used by privacy professionals to monitor regulatory developments, mitigate risk and achieve global compliance.

it-sa 365

it-sa 365

it-sa 365 is a digital platform for connecting IT security vendors and experts with those who bear responsibility for IT security in management and technology.

Dome9

Dome9

Dome9 is a cloud firewall management service that stops vulnerabilities, secures remote access, and centralizes policy management.

International Organization for Standardization (ISO)

International Organization for Standardization (ISO)

ISO is an independent, non-governmental international standards organization. The ISO/IEC 27001 is the standard for information security management systems.

Cyber Investing Summit

Cyber Investing Summit

Cyber Investing Summit is an all-day conference focusing on investing in the cyber security industry.

Hyve

Hyve

Hyve provide a wide range of managed web hosting services including private, hybrid and public VMware cloud hosting.

Telefonica Tech

Telefonica Tech

Telefónica Cyber Security Tech is focused on the prevention, detection and appropriate response to security incidents aimed at protecting your digital services.

MetaFlows

MetaFlows

MetaFlows’ SaaS malware detection & prevention software passively analyzes the behavior and the content of Internet traffic.

ESTsoft

ESTsoft

ESTsoft Securedisk is an enterprise-wide file security solution that stores and manages all data in a central file server.

Protectimus

Protectimus

Affordable two factor authentication (2FA) provider. Protect your data from theft with multi factor authentication service from Protectimus.

Tier1Asset (T1A)

Tier1Asset (T1A)

T1A is Europe’s leading IT refurbisher. We offer certified data erasure using blancco on site and at our facilities, providing environmentally sound disposal of your used equipment.

EPIC Insurance Brokers & Consultants

EPIC Insurance Brokers & Consultants

EPIC is an insuarnce broker and consultancy firm. Risk management services include risk consultancy and cybersecurity insurance.

BRANDIT

BRANDIT

BRANDIT is a provider of online brand protection and legal enforcement services.

KT Secure

KT Secure

KTSecure’s mission is to provide proven and productive cyber security solutions and managed services, backed by our highly qualified and passionate team of experts.

Grove Security

Grove Security

Grove provides businesses with the tools that work best for their unique operations, through cybersecurity and cloud services, custom software development and our big data analytics expertise.

Eureka Security

Eureka Security

Eureka help organizations securely use any cloud data storage technology they need without having to compromise on security.