The dark web littered with Ukrainian crypto scammers

An increasing number of fraudulent advertisements appearing on the dark canvastricking users into donating to Ukraine in the form of cryptocurrency, prompted a warning from analysts from Searching for checkpoints (CPR), who advise people to look for honest donation methods to support Ukraine.

The dark web, which is invisible to search engines and accessible through anonymized browsers, in some ways came into its own during the war on Ukraine, with organizations such as the BBC use it to bring up-to-date news in Russiawhere its regular web services are restricted and citizens can only access state-approved media.

However, given the dark web’s long-documented usefulness to cybercriminals, it’s no surprise to see crypto scammers getting in on the action, taking advantage of Ukrainians’ desperate position to trick people.

“Last year we found advertisements for bogus coronavirus services. Now we see donation scams popping up on the dark net as the Russian-Ukrainian conflict escalates,” said Oded Vanunu, head of product vulnerability research at Check Point.

“These ads use fake names and personal stories to entice people to donate. In one example, we saw someone claiming to be “Marina”, posting a personal photo with their children in their hands. It turns out that the image is actually taken from a German newspaper.

The ad in question (see picture below) states that “Marina” and her children are trying to flee Ukraine due to the “very bad situation” and are asking for money in the form of cryptocurrency to do so. The ad includes QR codes that direct to existing crypto wallets, but when Vanunu’s team dug deeper, they discovered that Marina’s photo was taken on the Deutsche Welle news service. He also did not provide any other information, raising questions about the authenticity and legitimacy of the announcement.

That’s not to say there aren’t legit operators, though. Vanunu added: “We see legitimate advertisements for donations to help Ukrainians, where we show an example that managed to raise almost 10 million dollars. Thus, legitimate and fraudulent advertisements are mixed on the dark net.

The legitimate ad points to a website on the public web, Defend Ukraine, and an accompanying Twitter account that Check Point has confirmed to be reliable. The website has a list of organizations and NGOs in Ukraine in need of help and solicits donations in bitcoin and ethereum. It has received over $9 million in funding since its registration in February 2022.

Nonetheless, Vanunu advised those seeking to help Ukrainians in need to seek out trusted sources and not rely on dark web resources.

“The dark net can be a dangerous place,” he said. “I strongly urge anyone wishing to donate to use reputable sources and media. The CPR will continue to monitor the dark net throughout the ongoing war and report any further wrongdoing.”

UK citizens are invited to donate to Ukraine via the Disaster Emergency Committee Humanitarian Appeal, to which the government matched donations up to £25million. The government said many other organizations had appeals – the majority being legitimate, but even so you might want to consider checking that a charity is legitimate.

You can do this by checking the charity’s name and registration number. using the government charities registry. Most charities with an income of £5,000 or more must register and are regulated by the Charity Committee. If in doubt, you can also ask the organization itself for more information – a legitimate charity will always be happy to talk about their work.