Phishers Use Ukraine Invasion To Solicit Cryptocurrency

Phishers are impersonating legitimate aid organisations to steal donations intended for Ukrainian people. 

The threat detection firm Expel has  released new research pertaining to the campaign, in which they detail multiple phishing emails referencing the invasion of Ukraine to target crypto currency. “Since the start of the invasion of Ukraine, threat actors have specifically begun to impersonate legitimate aid organisations to exploit people’s desire to support refugees and victims with donations,” Expel said. 

Malicious emails detected included headlines asking recipients to help save Ukrainian children and seeking donations. One of the individuals who the threat actors impersonated via the phishing emails was Aronov Maxim, a doctor at Smile Children’s Hospital in Ukraine. 

This chain of emails email told targets that a children’s clinic had been destroyed because of the Russian invasion and that donations were needed “to help the sick and wounded children.” Some of the emails claim that the usual portals through which donations are received were currently closed due to the damage brought by the invasions, suggesting a crypto currency donation to a specific digital wallet instead. 

Expel condemned the attacks, stating that the threat actors were taking advantage of the crisis in Ukraine and exploiting its vulnerable population for personal gain. 

Expel advises legitimate donors to check the public wallet address and transaction history before sending money.
It is also thought that Russia could begin to rely on crypto as a form of currency since the “international financial rules and regulations are not as easily applied to cryptocurrency,” says Adam Levin, a cyber security expert and host of the “What the Hack” podcast. “It’s no surprise Russians are using it in the face of economic sanctions,” he says. 

Decrypt:     Oodaloop:      Infosecurity Magazine:      Expel:    Avast:     Time:      Adam Levin

You Might Also Read: 

Ukraine: Spam Website To Reach Millions Of Russians:

« WEBINAR: How To Build A Successful Zero Trust Strategy For Data Analytics
Protecting Your Business From A Supply Chain Attack »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Vanguard Integrity Professionals

Vanguard Integrity Professionals

Vanguard Integrity Professionals is an independent provider of enterprise security software solutions that address complex security and regulatory compliance challenges.

Thermo Systems

Thermo Systems

Thermo Systems is a design-build control systems engineering and construction firm. Capabilties include industrial control system cybersecurity.

Intrasoft International

Intrasoft International

Intrasoft International is a leading European IT Solutions and Services Group offering a full range of IT services including Information Security.

PECB

PECB

PECB is a certification body for persons, management systems, and products on a wide range of international standards in a range of areas including Information Security and Risk Management.

VivoSecurity

VivoSecurity

VivoSecurity is a pioneer in cyber risk quantification based on data science. Our products and services help organizations achieve optimal information security and GRC programs.

CSO GmbH

CSO GmbH

CSO GmbH provide specialist consultancy services in the area of IT security.

CloudAlly

CloudAlly

CloudAlly provides online cloud to cloud backup and recovery solutions, which backs up daily changes in your SaaS to unlimited Amazon S3 storage and makes it available for restore or export.

Search Guard

Search Guard

Search Guard® is an Open Source security suite for #Elasticsearch and the entire #ELK stack that offers encryption, authentication, authorization, audit logging and multi tenancy.

Security Alliance

Security Alliance

Security Alliance provide bespoke cyber intelligence consulting and research services.

Injazat

Injazat

Injazat Data Systems is an industry recognized market leader in the Gulf region for Information Technology, Data Center and Managed Services.

3Lines Venture Capital

3Lines Venture Capital

3Lines Venture Capital invests in exceptional founders and startups working on broad disruptive themes of Future of Work, AI enabled enterprises, and Industry 4.0.

ResilientX

ResilientX

ResilientX is an All-In-One Security Testing Platform designed to help MSPs and SMBs to perform their security testing and assessments without having to outsource IT.

CipherStash

CipherStash

CipherStash is a complete data governance and breach prevention platform.

CloudGuard

CloudGuard

CloudGuard is an AI-driven XDR platform that helps organisations to proactively detect and automatically remediate threats in real-time.

DuckDuckGoose

DuckDuckGoose

DuckDuckGoose offer advanced solutions to protect against manipulated videos, images, voices and texts.

Bluerydge

Bluerydge

Bluerydge specialises in cyber security and technology, focusing on the delivery of innovative sovereign solutions through trusted, cleared and experienced professionals.