Phishers Use Ukraine Invasion To Solicit Cryptocurrency

Phishers are impersonating legitimate aid organisations to steal donations intended for Ukrainian people. 

The threat detection firm Expel has  released new research pertaining to the campaign, in which they detail multiple phishing emails referencing the invasion of Ukraine to target crypto currency. “Since the start of the invasion of Ukraine, threat actors have specifically begun to impersonate legitimate aid organisations to exploit people’s desire to support refugees and victims with donations,” Expel said. 

Malicious emails detected included headlines asking recipients to help save Ukrainian children and seeking donations. One of the individuals who the threat actors impersonated via the phishing emails was Aronov Maxim, a doctor at Smile Children’s Hospital in Ukraine. 

This chain of emails email told targets that a children’s clinic had been destroyed because of the Russian invasion and that donations were needed “to help the sick and wounded children.” Some of the emails claim that the usual portals through which donations are received were currently closed due to the damage brought by the invasions, suggesting a crypto currency donation to a specific digital wallet instead. 

Expel condemned the attacks, stating that the threat actors were taking advantage of the crisis in Ukraine and exploiting its vulnerable population for personal gain. 

Expel advises legitimate donors to check the public wallet address and transaction history before sending money.
It is also thought that Russia could begin to rely on crypto as a form of currency since the “international financial rules and regulations are not as easily applied to cryptocurrency,” says Adam Levin, a cyber security expert and host of the “What the Hack” podcast. “It’s no surprise Russians are using it in the face of economic sanctions,” he says. 

Decrypt:     Oodaloop:      Infosecurity Magazine:      Expel:    Avast:     Time:      Adam Levin

You Might Also Read: 

Ukraine: Spam Website To Reach Millions Of Russians:

« WEBINAR: How To Build A Successful Zero Trust Strategy For Data Analytics
Protecting Your Business From A Supply Chain Attack »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

BackupVault

BackupVault

BackupVault is a leading provider of completely automatic, fully encrypted online, cloud backup.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Resource Centre for Cyber Forensics (RCCF)

Resource Centre for Cyber Forensics (RCCF)

RCCF is a pioneering institute, pursuing research activities in the area of Cyber Forensics.

AFCON Control & Automation

AFCON Control & Automation

AFCON is a leading global provider of software solutions and services for the smart management of Control & Automation systems in the age of Digital Transformation.

Nozomi Networks

Nozomi Networks

Nozomi Networks is a leader in Industrial Control System (ICS) cybersecurity, with a comprehensive platform to deliver real-time cybersecurity and operational visibility.

Spherical Defense

Spherical Defense

Spherical Defense offers an alternative approach to WAFs and first generation API security tools.

Lepide

Lepide

LepideAuditor is a powerful Data Security Platform that enables you to reduce risk, prevent data breaches and prove regulatory compliance.

Pryv

Pryv

Pryv is a Swissmade software for privacy, personal data collection, usage, sharing and storage.

Cloud & Cyber Security Expo

Cloud & Cyber Security Expo

Cloud & Cyber Security Expo is the UK’s largest cloud and cyber security event.

Acceptto

Acceptto

Acceptto offers the first unified and continuous authentication identity access platform with No-Password.

NetApp Excellerator

NetApp Excellerator

NetApp Excellerator is NetApp’s global start-up program that aims to fuel innovation by partnering with deep-tech start-ups.

PreEmptive Solutions

PreEmptive Solutions

PreEmptive Protection hit the sweet spot between cost, convenience and functionality by helping you protect and secure your apps in a smarter way.

Etonwood

Etonwood

Etonwood specialises in infrastructure and vendor technology recruitment in areas including cloud platforms, cyber security and service management.

Alacrinet

Alacrinet

Alacrinet is an IT and cyber security consultancy. From penetration testing to fully managed MSSP, our team is focused on knowing the latest threats, preventing vulnerabilities, and providing value.

KeyData Associates

KeyData Associates

KeyData is a recognized leader in cybersecurity services specializing in Identity and Access Management (IAM), Customer Identity & Access Management (CIAM) and Privileged Access Management (PAM).

senhasegura

senhasegura

senhasegura is a global Privileged Access Management vendor. Our mission is to eliminate privilege abuse in organizations around the globe and build digital sovereignty.

Raman Power Technologies

Raman Power Technologies

Raman Power Technologies focus on bringing value and solving business challenges through the delivery of modern IT services and solutions including cybersecurity.

Protelion

Protelion

The Protelion Security Platform is uniquely architected to deliver security solutions that combine greater protection, flexibility, and performance.