Scammers Exploit Red Cross Name to Spread Malware in Russia

Cybercriminals posing as the International Committee of the Red Cross are targeting Russian users with fake Telegram files that install spyware and steal sensitive data.

Russian authorities have sounded the alarm over a new wave of cyber fraud exploiting the humanitarian reputation of the International Committee of the Red Cross (ICRC). According to the Ministry of Internal Affairs, criminals are distributing malicious Android installation packages (.apk files) disguised as Red Cross documents through Telegram.

Users receive direct messages urging them to download files with names like “List of Prisoners.apk” or “Red Cross App.apk.” Once installed, the software gives hackers full access to the device, enabling them to harvest passwords, bank details, and other private information.

The ICRC has already issued a public statement clarifying that it never sends such files. The organization maintains only one official Russian-language Telegram channel — @mkkk_ru — and warns that any other accounts impersonating them are fake.

The Ministry urges users to exercise caution and avoid downloading suspicious attachments, even if they appear to come from trusted sources.

Cybersecurity experts note that phishing schemes are becoming increasingly sophisticated. Modern attackers don’t just rely on technical tricks; they manipulate emotions, using themes like war, fear, and sympathy to exploit their victims.