Phishers Use Ukraine Invasion To Solicit Cryptocurrency

Phishers are impersonating legitimate aid organisations to steal donations intended for Ukrainian people. 

The threat detection firm Expel has  released new research pertaining to the campaign, in which they detail multiple phishing emails referencing the invasion of Ukraine to target crypto currency. “Since the start of the invasion of Ukraine, threat actors have specifically begun to impersonate legitimate aid organisations to exploit people’s desire to support refugees and victims with donations,” Expel said. 

Malicious emails detected included headlines asking recipients to help save Ukrainian children and seeking donations. One of the individuals who the threat actors impersonated via the phishing emails was Aronov Maxim, a doctor at Smile Children’s Hospital in Ukraine. 

This chain of emails email told targets that a children’s clinic had been destroyed because of the Russian invasion and that donations were needed “to help the sick and wounded children.” Some of the emails claim that the usual portals through which donations are received were currently closed due to the damage brought by the invasions, suggesting a crypto currency donation to a specific digital wallet instead. 

Expel condemned the attacks, stating that the threat actors were taking advantage of the crisis in Ukraine and exploiting its vulnerable population for personal gain. 

Expel advises legitimate donors to check the public wallet address and transaction history before sending money.
It is also thought that Russia could begin to rely on crypto as a form of currency since the “international financial rules and regulations are not as easily applied to cryptocurrency,” says Adam Levin, a cyber security expert and host of the “What the Hack” podcast. “It’s no surprise Russians are using it in the face of economic sanctions,” he says. 

Decrypt:     Oodaloop:      Infosecurity Magazine:      Expel:    Avast:     Time:      Adam Levin

You Might Also Read: 

Ukraine: Spam Website To Reach Millions Of Russians:

« WEBINAR: How To Build A Successful Zero Trust Strategy For Data Analytics
Protecting Your Business From A Supply Chain Attack »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Brookings Institution

Brookings Institution

The Brookings Institution is a nonprofit public policy organization. Cyber security is covered within the various study areas.

Kernelios

Kernelios

Kernelios is a simulator-based training center and an incubator for cyber experts worldwide.

CyberSmart

CyberSmart

CyberSmart is a platform that allows you to maintain compliance, achieve certification and secure your organisation.

AcceptLocal

AcceptLocal

AcceptLocal is a payments industry consultancy with expertise in payment processing, payment security, anti-money laundering and fraud prevention.

Jumio

Jumio

Jumio’s end-to-end identity verification and authentication solutions fight fraud, maintain compliance and onboard good customers faster.

CyberSecurityTrainingCourses.com

CyberSecurityTrainingCourses.com

Cyber Security Training Courses is a portal to help candidates find the best courses to progress their career within the IT security industry.

Visible Statement

Visible Statement

Visible Statement is a computer-based delivery system designed to insure the retention and recall of your most important security training messages.

Cyber Skyline

Cyber Skyline

Cyber Skyline is a revolutionary cloud platform to practice, develop, and measure your team's technical cybersecurity skills.

The Citadel Department of Defense Cyber Institute (CDCI)

The Citadel Department of Defense Cyber Institute (CDCI)

CDCI is established to address the critical national security needed for a skilled cybersecurity workforce.

Fusion Risk Management

Fusion Risk Management

Fusion Risk Management focuses on operational resilience encompassing business continuity, risk management, IT risk, and crisis and incident management.

Wabbi

Wabbi

Wabbi’s continuous security platform centralizes, automates and orchestrates security governance and vulnerability management to empower development teams to own appsec.

Legit Security

Legit Security

Legit Security's mission is to secure every organization's software factory by protecting the pipelines, infrastructure, code and people for faster and more secure software releases.

NormCyber

NormCyber

NormCyber provide award-winning cyber security and data protection as a service for midsize organisations.

Quantum Ventura

Quantum Ventura

Quantum Ventura is a technology innovation company with a single mission of delivering customer-centric advanced solutions to US Federal & State Governments and Private Sector customers.

Mobb

Mobb

Mobb's AI-powered technology automates vulnerability remediations to significantly reduce security backlogs and free developers to focus on innovation.

Orca Technology

Orca Technology

Orca is a UK-based Managed Service Provider delivering end-to-end managed IT services, support, hosted desktop, cloud solutions and strategic guidance.