Cybercriminals offer Ukrainians illegal border crossing services

The war in Ukraine opened new opportunities for cyber criminals to earn money. Researchers from Intel 471 they noticed ads on the dark web offering illegal border crossings for men from a war-torn country.

Researchers say that criminals use the help of insiders, probably employees of the border service, by offering services of smuggling people on the dark web. Since the beginning of the war, the Ukrainian government has banned all men between the ages of 18 and 60 from leaving the country.

Criminals claim that they can help, citing the example of a Ukrainian who crossed the border between Moldova and Ukraine and bypassed official checkpoints. Records of crossing the border for a person using this service are up to date in the passport and government databases.

Conflict also creates some unusual alliances. A Cybersixgill report says Chinese and Russian cybercriminals are starting to collaborate on the dark web.

This began last year when the RAMP forum reappeared with a new interface that made it easier for English and Chinese speakers to use. However, ties between Russian and Chinese cybercriminals have strengthened with the start of the war, and some Russian cybercriminals are considering whether to move to China for security reasons, according to Cybersixgill.

“Even in their Russian-speaking forums, Russian threat actors are actively discussing their efforts to establish an alliance with their Chinese counterparts, seeking prominent Chinese cybercrime platforms so they can reach out to them and develop partnerships,” the statement said. report.

Intel 471 also claims that the war has led to an increase in “travel scams” in the region, with criminals using insiders in travel companies. The scams are not limited to Eastern Europe – the global tourism industry is an increasingly lucrative target as the summer holiday season begins, and the restrictions imposed by the pandemic are beginning to ease.

“Since January 2022, Intel 471 has spotted several players in a number of cybercrime forums selling credentials for travel-related websites.”

In February, one such actor released the credentials of a UK customer account from a major travel booking site and the sites of two US-based airlines, Intel 471 revealed. . Access to these accounts has enabled cybercriminals to use the rewards to book trips for themselves and their clients. Accounts and their reward points can be resold to others who want to do something similar.

Photo by nappy from Pexels



Source: Informacija.rs by www.informacija.rs.

*The article has been translated based on the content of Informacija.rs by www.informacija.rs. If there is any problem regarding the content, copyright, please leave a report below the article. We will try to process as quickly as possible to protect the rights of the author. Thank you very much!

*We just want readers to access information more quickly and easily with other multilingual content, instead of information only available in a certain language.

*We always respect the copyright of the content of the author and always include the original link of the source article.If the author disagrees, just leave the report below the article, the article will be edited or deleted at the request of the author. Thanks very much! Best regards!