Beware Crypto Donation Requests For Ukraine

Uploaded on 2022-04-19 in GOVERNMENT-Law Enforcement, FREE TO VIEW

Check Point Research (CPR) is warning  the public to not donate to Ukraine via the Darknet, as cyber criminals are looking to quickly exploit the high-interest in the Russia-Ukraine conflict.  CPR has seen a trend where advertisements that request donations to Ukrainians are appearing on the Darknet. 

While some advertisements are legitimate, many are fraudulent and CPR provides examples of both. All the fake advertisements are requesting donation funds in the form of cryptocurrency. 

The Darknet is a part of the Internet that isn’t visible to search engines, requiring the use of anonymised browsers for access.

In one example, a woman alleging to be named “Marina” requests donations via a personal photo. CPR followed the trail to learn the image was taken from a German newspaper.  A short description states that ‘Marina’ and her children are trying to escape Ukraine due to the “very bad situation” and are asking money, to be donated in cryptocurrency, to do so.

The appeal also states, “Every coin helps”. Whilst the QR codes attached are addresses to crypto currency wallets. 

In another example, a Darknet advertisement points to a legitimate website that has already raised nearly $10 million in crypto in donation funds.This website is calling people to “Help the Ukrainian army and their wounded, as well as the families and children caught in the developing conflict”. It also refers to the “Defend Ukraine” Twitter account.

The website domain was registered on the 16th of February, a week before the war in Ukraine started. The site itself is simple and contains a list of different organisations and NGOs in Ukraine, as well as Crypto Currency, Bitcoin, Ethereum, and USDT.  All of the advertisements request donations in the form of crypto currency. No other information seems to be provided, raising questions about the overall authenticity and legitimacy of the page.

CPR urges potential donors seeking to help the Ukrainians to beware of the links they go to and the websites used to send funds using  fraudulent donation pages to aid Ukraine on the Darknet.

Oded Vanunu, Head of Product Vulnerabilities Research, at Check Point Software commented “CPR has always taken a close look at the Darknet. Last year, we found advertisements for fake coronavirus services. Now, we’re seeing donation scams appear on the Darknet, as the Russia-Ukraine conflict intensifies. These advertisements are using fake names and personal stories to lure people into donating... In one example, we saw someone alleging to be the name ‘Marina’, displaying a personal photo with her children in hand. It turns out that the image is actually taken from a German newspaper.

“At the same time, we’re seeing legitimate advertisements for donations to help Ukrainians, where we show one example that managed to raise nearly ten million dollars... Thus, legitimate and fraudulent advertisements are being mixed on the Darknet. The Darknet can be a dangerous place. I strongly urge anyone looking to donate to use trusted sources and mediums. CPR will continue to monitor the Darknet throughout the ongoing war and report any other wrongdoing.”

Check Point:      Deutsche Welle: 

You Might Also Read: 

Ukraine: Spam Website To Reach Millions Of Russians:

 

« Deep-Fake Information Warfare
Zelensky Deepfake Tells Ukrainians To ‘lay down arms’ »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Paraben

Paraben

Paraben provides digital forensics solutions for mobile devices, smartphones, email, hard drives, and gaming system.

Kaymera Technologies

Kaymera Technologies

Kaymera’s comprehensive mobile enterprise security solution defends against all mobile threat and attack vectors.

Tubitak

Tubitak

Tubitak is the scientific and technological research council of Turkey. Areas of research include information technology and security.

Second Nature Security (2NS)

Second Nature Security (2NS)

2NS provide vulnerability assessment, penetration testing, security audit, application and network security and secure software development processes.

Bechtel

Bechtel

Bechtel’s Industrial Control Systems Cyber Security Laboratory focuses on protecting large-scale industrial and infrastructure systems that support critical infrastructure.

Lynx

Lynx

Lynx provides high added value services in the area of information systems security and ICT infrastructure building.

SyferLock Technology Corp.

SyferLock Technology Corp.

SyferLock is an innovative provider of next-generation authentication and security solutions.

Veridium

Veridium

Veridium is a leader in single step - multi factor biometric authentication, designed to safeguard enterprises’ most critical assets.

R3I Ventures - House of DeepTech

R3I Ventures - House of DeepTech

The House of DeepTech is an incubator for deeptech entrepreneurs that are transforming global industries. Areas of interest include cybersecurity.

Char49

Char49

Char49 specialize in Penetration Testing, Red Team Assessment, Social Engineering and Security Research.

Syracom

Syracom

syracom is a consultancy firm specialized in development of efficient business processes. With our expertise and IT competence, we develop tailored solutions for customers in various industries.

Gunnison Consulting Group

Gunnison Consulting Group

Gunnison Consulting Group serves the Federal Government with high quality IT consulting services.

Istari

Istari

ISTARI is a new kind of cyber risk management company. We’re an agile collective of best-in-class capabilities and experts, who build ongoing partnerships with clients.

CV-Library

CV-Library

Start your job search with 216,931 live UK vacancies on award-winning CV-Library. Register your CV and find local jobs near you today!

Bastazo

Bastazo

Bastazo provides tools for vulnerability and patch management. Focus your cybersecurity operations on vulnerabilities with the highest risk of exploitation.

ZeroGPT

ZeroGPT

ZeroGPT.com stands at the forefront of AI detection tools, specializing in the precise identification of ChatGPT-generated text.