Cybercrime Mounts Amidst Russia’s Effort to Evade Strict Sanctions Imposed by the U.S, and Others
The shelling of Ukraine continues as Russia’s invasion intensifies with each passing day. The conflict has been raging non stop since the initial incursion approximately a month ago, and, tragically, there are no signs of it coming to an end anytime soon.
As dire as the situation already is, it is quite disheartening to learn that cybercriminals have been taking unlawful advantage of the war to instigate numerous crimes, including defrauding individuals via crypto schemes.
In a series of reports from ongoing research being carried out by reputable sources, including Chainalysis, Cisco & Talos, and BankInfoSecurity, a heightened number of cryptocurrency-related scams have already been detected since the dawn of the Russia-Ukraine war.
If you understand how cybercrime works, then this likely comes as no surprise, considering that the perpetrators of such illicit acts often take advantage of people’s vulnerability.
Sadly, “vulnerability” is an understatement in the context of Russia’s invasion of Ukraine, from which over 3 million Ukrainians have fled to neighbouring countries in the hopes of finding sanctuary. That said, it is obvious that whoever is left in the country, especially in vulnerable cities such as Kyiv, Sumy, and Mariupol, among others, are in dire need of help.
Considering this, it is to be expected that good samaritans from all over the world would be willing to assist any Ukrainians who may still be stranded in war-torn cities. Regrettably, most of this communication takes place online, making it difficult to ascertain whether the person on the other end of the phone is genuine, or imitating sincerity.
According to a reputable source, cybercriminals have been detected sending out a variety of decoy emails in an attempt to exploit the situation. The emails are crafted to persuade the recipients to take actions that will ultimately benefit the attacker in the long run.
Since the war broke out in February, there has been a gradual increase in this type of activity; however, our source claims that what we have seen so far represents only a fraction of the overall fraudulent programs to come.
Cisco Talos, dubbed the world’s largest commercial intelligence group, specifically warned that, as the war intensifies, the prevalence of cybercrime activities such as spam messages will continue to rise.
In a Twitter post, CT revealed: “Scammers and spammers are trying to take advantage of evolving news around Ukraine to spread malware and try and trick their way into some cryptocurrency, posing as fake nonprofits.”
In a blog post, CT further underlined that global interest in the ongoing war in Ukraine has made it a convenient and effective event for cybercriminals to exploit. It went on to compare the current scenario to a string of cybercrime operations that followed the outbreak of the COVID-19 pandemic more than two years ago.
Although some of these cybercrimes can be prevented, considering that there may be protections in place to prevent malware, there is absolutely no guarantee that one can avoid them completely.
According to CT, “the risk of scams is significant and can be difficult to block, especially in the case of BEC, where trusted accounts are sending malicious emails.”
That said, it is in the best interests of everyone, especially those who intend to help individuals and organizations in Ukraine, to make a habit of investigating the destination to which they are sending help.
Russia Continues to Leverage Cryptocurrency as an Evasive Tool
If you have been following the news since the start of the war almost a month ago, you will no doubt be aware of the respective positions of Russia and Ukraine in the ongoing war. Like most conflicts, there is always a villain, and Russian happens to hold the title in this case.
So far, the world’s financial powers have taken a careful approach to their interference in the war, resulting in the use of sanctions as the most effective tool for pressuring the aggressor state. Notably, the U.S, Japan, and members of the European Union (EU) have cut ties with the Russian economy, disconnecting them from major financial services like the SWIFT payment system, among other measures.
As sanctions grow in intensity, they have had a severe impact on the Russian economy and financial institutions as a whole, prompting the aggressor state to turn to cryptocurrencies for refuge, and ultimately, as a means of bypassing sanctions.
Seeing how instrumental cryptocurrency has been for Russia, the Vice Prime Minister of Ukraine and Minister of Digital Transformation, Mykhailo Fedorov appealed to all major crypto exchanges in a tweet to block the addresses of Russian users.
Although Fedorov’s appeal came from a place of helplessness, and a plea for empathy, with Ukraine being the victim of the war, it was also a markedly selfish request. Ukraine has received over $63 million in cryptocurrency donations since the start of the war, putting them in poor stead to make such demands.
Regardless, there has been division among crypto platforms over the issue of Russian sanctions. Some crypto platforms have proceeded to either partially or completely boycott the aggressor nation, while others have decided not to disconnect Russian wallet holders at all.
For instance, both Coinbase and Binance have previously resisted requests to disconnect Russian users from their services. However, just recently, Coinbase bowed to the pressure, reportedly blocking 25,000 wallet addresses linked to Russia.
An interesting aspect to this is that, although the larger cryptocurrency platforms are in the public eye and can be more easily coerced into potentially taking action against their will, Russians realistically have a long list of exchanges around the world to choose from.
“There are tens of thousands of exchanges globally. Many of them are very small, many of them are less secure. Many of them are less compliant. We don’t control the industry. I can publish my sanction list, you can publish yours, guess what? No one else is going to follow it. It just moves Russian users to other smaller platforms,” Changpeng Zhao, founder and CEO of Binance, underlined while speaking on BBC Radio 4’s ‘Today’ program.
So far, the sanctions imposed by the U.S. and the EU at large have been eroded by Russia’s ability to access as many crypto exchanges as possible, and, unless a different approach is taken, sanctions may become a failed attempt to limit the scope of the aggressor nation.