UA EN RU
All topics
Topics
UA EN RU
Last news
Patriot and the Introduction of Troops: Zelensky Reacted Sharply to Russia's Rocket Terror today, 18:13
Budanov spoke about one of the coolest operations of the GUR today, 18:00
This will be terrible: Poland warns Trump against 'historical mistake' today, 17:15
The UN recognized the strike on Kryvyi Rih as the deadliest massacre of children during the war today, 16:50
A wave of protests against Trump's policies has swept across America today, 16:30
These attacks are Putin's response to all international diplomatic efforts. Zelensky on Russian shelling today, 14:16
ISW names the only way to stop Putin in Ukraine today, 13:30
Rutte outlines NATO's red lines in negotiations regarding Ukraine today, 12:00
Russia fired rockets at Kyiv: photos of the aftermath today, 10:55
Putin is Playing a Double Game: NBC News Identifies the Main Goal of the Kremlin Dictator today, 09:45
Enemy losses as of April 6, 2025 – General Staff of the Armed Forces of Ukraine today, 08:48
Former MI-6 Chief Urges Britain to 'Wake Up' to Putin's Threats today, 08:15
British intelligence assessed the pace of the Russian offensive in Ukraine today, 06:30
Drones attacked the Rostov region today, 04:59
Show more

Targeted cyberattacks on the defense sector recorded in Ukraine via a popular messenger.

19.03.2025 787
Shostal Oleksandr
Journalist Shostal Oleksandr
19.03.2025 787
Cyberattacks on the defense sector recorded
Cyberattacks on the defense sector recorded

The CERT-UA team has detected cyberattacks on employees of the defense industry and the Armed Forces of Ukraine.

In March 2025, messages containing reports were found in the Signal messenger. Some messages were sent from individuals with compromised accounts to increase trust.

Typically, these archives contain a .pdf file and an executable file named DarkTortilla. DarkTortilla is a crypter/loader used to launch the remote control program Dark Crystal RAT (DCRAT).

'It should be noted that this activity has been tracked under the identifier UAC-0200 since at least the summer of 2024. Meanwhile, starting in February 2025, the content of the bait messages relates to UAVs, electronic warfare means, etc. The use of popular messengers, both on mobile devices and computers, significantly expands the attack surface, including by creating uncontrolled (in terms of protection means) channels for information exchange,' - CERT-UA reported.

Read also
Read 112.ua in telegramtelegramm logo
Read 112.ua in googlegoogle logo
You may be interested
Zelensky reacts to rocket terror
Patriot and the Introduction of Troops: Zelensky Reacted Sharply to Russia's Rocket Terror
today, 18:13 80
Budanov talks about the GUR operation
Budanov spoke about one of the coolest operations of the GUR
today, 18:00 85
Trump and Poland - a controversial history
This will be terrible: Poland warns Trump against 'historical mistake'
today, 17:15 92
Hurricane in Kryvyi Rih: horrific massacre of children
The UN recognized the strike on Kryvyi Rih as the deadliest massacre of children during the war
today, 16:50 113
America at the center of the protest waves against Trump
A wave of protests against Trump's policies has swept across America
today, 16:30 112
Zelensky on Russian shelling
These attacks are Putin's response to all international diplomatic efforts. Zelensky on Russian shelling
today, 14:16 167

Advertising