Cybercriminals exploit war in Ukraine with fake sites
Scammers and fraudsters are exploiting the Russian invasion of Ukraine to loot money and spread malware. They counterfeit legitimate websites and ask visitors to transfer money via cryptocurrencies to supposedly help civilian victims. In reality, the donations end up in the hands of cybercriminals.
That writes security company Infoblox in a blog.
Number of malicious websites about Ukraine doubled
Since the start of the war between Russia and Ukraine, the Infoblox Threat Intelligence Group has seen cybercriminals register domain names and launch websites related to the Russian invasion. By comparison, in the days after the first Russian troops invaded Ukraine, the number of registered Ukraine-related domain names has more than doubled.
Scammers jump on the news by supposedly asking for humanitarian aid for the war victims. They pose as decentralized anonymous organizations (DOAs) or independent charitable organizations with no hierarchical structure. Sometimes the cybercriminals ask for donations, other times they say to collect food, medicines, and other basic necessities.
Many suspicious and unreliable sites in circulation
It is striking that cybercriminals offer the possibility to transfer donations via Bitcoin and other cryptocurrencies. An example of this is an official-looking Twitter account of the Ukrainian government that asked if people could transfer donations in crypto coins the day after the Russian invasion. Since then, the number of untrustworthy fake sites has exploded.
Infoblox recognizes that it is extremely difficult for the average visitor to spot malicious websites. The web addresses, design of the sites, and texts often