UA EN RU
All topics
Topics
UA EN RU
Last news
The Russian Foreign Intelligence Service Makes Europe Enemy Number One - Le Monde today, 04:15
A survey showed how many Poles are ready to volunteer at the front today, 03:06
Merz revealed three principles regarding the war of Russia against Ukraine today, 00:34
Syrsky reported critical losses of the occupiers in logistics yesterday, 20:55
The USA has its condition for a ceasefire: Yermak on Russia's position yesterday, 20:35
UAF: Russians have intensified the use of motorcycles at the front yesterday, 20:12
Not only minerals: FT revealed details of the new US-Ukraine resource deal yesterday, 18:30
Putin announced a truce with Ukraine yesterday, 16:05
We have a dangerous world': The US urged NATO allies to reconsider defense spending yesterday, 15:50
The Kremlin hides the true inflation figures - foreign intelligence yesterday, 15:25
Club for wealthy Trump supporters opens in Washington yesterday, 12:55
Crimean bridge under heavy control of the occupiers: what is happening yesterday, 11:40
Europe changes course: neighboring countries of the Russian Federation refuse to ban anti-personnel mines yesterday, 11:15
Ukraine plans to strengthen economic pressure on Russia - Shmyhal yesterday, 10:50
Show more

Targeted cyberattacks on the defense sector recorded in Ukraine via a popular messenger.

19.03.2025 1413
Shostal Oleksandr
Journalist Shostal Oleksandr
19.03.2025 1413
Cyberattacks on the defense sector recorded
Cyberattacks on the defense sector recorded

The CERT-UA team has detected cyberattacks on employees of the defense industry and the Armed Forces of Ukraine.

In March 2025, messages containing reports were found in the Signal messenger. Some messages were sent from individuals with compromised accounts to increase trust.

Typically, these archives contain a .pdf file and an executable file named DarkTortilla. DarkTortilla is a crypter/loader used to launch the remote control program Dark Crystal RAT (DCRAT).

'It should be noted that this activity has been tracked under the identifier UAC-0200 since at least the summer of 2024. Meanwhile, starting in February 2025, the content of the bait messages relates to UAVs, electronic warfare means, etc. The use of popular messengers, both on mobile devices and computers, significantly expands the attack surface, including by creating uncontrolled (in terms of protection means) channels for information exchange,' - CERT-UA reported.

Read also
Read 112.ua in telegramtelegramm logo
Read 112.ua in googlegoogle logo
You may be interested
The Russian Foreign Intelligence Service Enemy of Europe
The Russian Foreign Intelligence Service Makes Europe Enemy Number One - Le Monde
today, 04:15 113
Survey - Poles ready to go to the front
A survey showed how many Poles are ready to volunteer at the front
today, 03:06 112
Merz revealed three principles of the war
Merz revealed three principles regarding the war of Russia against Ukraine
today, 00:34 362
Image of Russian military and equipment
Syrsky reported critical losses of the occupiers in logistics
yesterday, 20:55 456
Russia's position on the USA's condition
The USA has its condition for a ceasefire: Yermak on Russia's position
yesterday, 20:35 460
Flight of Russian military on a motorcycle
UAF: Russians have intensified the use of motorcycles at the front
yesterday, 20:12 461

Advertising