alexskopje - stock.adobe.com

Dark web littered with Ukraine crypto scammers

Cryptocurrency scammers are actively targeting people trying to donate funds to support Ukraine

An increasing number of fraudulent adverts appearing on the dark web, prompting users to make donations to Ukraine in the form of cryptocurrency, has prompted a warning from analysts at Check Point Research (CPR), who are advising people to seek out above-board methods of donating to support Ukraine.

The dark web, which is invisible to search engines and accessed through anonymised browsers, has in some regards come into its own during the war on Ukraine, with organisations including the BBC using it to bring up-to-date news to Russia, where its regular web services are subject to restrictions, and citizens can only access state-approved media.

However, given the dark web’s long-documented utility to cyber criminals, it comes as little surprise to see crypto scammers getting in on the action, leveraging the desperate position of Ukrainians to cheat people out of funds.

“Last year, we found advertisements for fake coronavirus services. Now we’re seeing donation scams appear on the dark net as the Russia-Ukraine conflict intensifies,” said Oded Vanunu, head of product vulnerabilities research at Check Point.

“These advertisements are using fake names and personal stories to lure people into donating. In one example, we saw someone alleging to be the name ‘Marina’, displaying a personal photo with her children in hand. It turns out that the image is actually taken from a German newspaper.”

The advert in question (see image below) states that “Marina” and her children are trying to escape Ukraine due to the “very bad situation” and are asking for money in the form of cryptocurrency in order to do so. The advert includes QR codes that direct to existing crypto wallets, but when Vanunu’s team dug deeper, they found that the photo of Marina was grabbed from the Deutsche Welle news service. It also did not provide any other information, raising questions about the ad’s authenticity and legitimacy.

This is not to say there are not some legitimate operators, however. Vanunu added: “We are seeing legitimate advertisements for donations to help Ukrainians, where we show one example that managed to raise nearly $10m. Thus, legitimate and fraudulent advertisements are being mixed on the dark net.”

The legitimate ad points to a website on the public web, Defend Ukraine, and an accompanying Twitter account that Check Point has confirmed to be reliable. The website contains a list of organisations and NGOs in Ukraine in need of assistance and solicits donations in both bitcoin and ethereum. It has received over $9m in funding since being registered in February 2022.

Nevertheless, Vanunu advised people looking to support Ukrainians in need to seek out trusted sources and not to rely on dark web resources.

“The dark net can be a dangerous place,” he said. “I strongly urge anyone looking to donate to use trusted sources and mediums. CPR will continue to monitor the dark net throughout the ongoing war and report any other wrongdoing.”

UK citizens are urged to donate to Ukraine through the Disasters Emergency Committee humanitarian appeal, to which the government has matched donations up to the value of £25m. The government said lots of other organisations have launched appeals – the majority legitimate, but even so, you may want to consider checking that a charity is legitimate.

You can do this by checking the charity’s name and registration number using the government’s charity register. Most charities with an income of £5,000 or more must register, and are regulated by the Charity Commission. If still in doubt, you can also ask the organisation itself for more information – a legitimate charity will always be happy to talk about its work.

Read more about Russia’s war on Ukraine

Read more on Hackers and cybercrime prevention

CIO
Security
Networking
Data Center
Data Management
Close