UA EN RU
All topics
Topics
UA EN RU
Last news
US Commander in Europe warns against withdrawing American troops from the continent yesterday, 22:38
Preparation for Possible Attack by the Russian Federation: The European Union Creates a Fund for Purchasing Weapons yesterday, 19:04
Ukraine opened a new border crossing point with Hungary yesterday, 18:54
Mineral Agreement: Ukrainian Delegation to Discuss Revenue Share with Trump yesterday, 18:43
Ukraine has captured Chinese citizens in the Russian army: Zelensky urgently appealed to Beijing yesterday, 16:32
The Defense Forces assessed the threat of a Russian landing on the south yesterday, 12:30
Ukrainian Action Summit has opened in Washington yesterday, 10:50
Enemy losses as of April 8, 2025 – General Staff of the Armed Forces of Ukraine yesterday, 08:49
Russia makes technological breakthrough in drone management - El País yesterday, 05:02
Kostenko reported on the possibilities of mass production of UAVs in Ukraine yesterday, 02:11
Like Crazy: Trump Condemned the Bombing of Ukraine and Announced Direct Negotiations with Iran yesterday, 00:41
It became known how many enemy targets Ukrainian drones destroyed in March yesterday, 00:31
Ukraine nationalized the assets of Russian oligarch Deripaska for over 2 billion UAH 07.04.2025
The head of the recruitment center stated that it is much easier to fight than to work as a military officer: he is regularly caught drunk driving 07.04.2025
Show more

Targeted cyberattacks on the defense sector recorded in Ukraine via a popular messenger.

19.03.2025 842
Shostal Oleksandr
Journalist Shostal Oleksandr
19.03.2025 842
Cyberattacks on the defense sector recorded
Cyberattacks on the defense sector recorded

The CERT-UA team has detected cyberattacks on employees of the defense industry and the Armed Forces of Ukraine.

In March 2025, messages containing reports were found in the Signal messenger. Some messages were sent from individuals with compromised accounts to increase trust.

Typically, these archives contain a .pdf file and an executable file named DarkTortilla. DarkTortilla is a crypter/loader used to launch the remote control program Dark Crystal RAT (DCRAT).

'It should be noted that this activity has been tracked under the identifier UAC-0200 since at least the summer of 2024. Meanwhile, starting in February 2025, the content of the bait messages relates to UAVs, electronic warfare means, etc. The use of popular messengers, both on mobile devices and computers, significantly expands the attack surface, including by creating uncontrolled (in terms of protection means) channels for information exchange,' - CERT-UA reported.

Read also
Read 112.ua in telegramtelegramm logo
Read 112.ua in googlegoogle logo
You may be interested
US Commander warns about the withdrawal of American troops from Europe
US Commander in Europe warns against withdrawing American troops from the continent
yesterday, 22:38 104
A young soldier is training to shoot with an automatic rifle
Preparation for Possible Attack by the Russian Federation: The European Union Creates a Fund for Purchasing Weapons
yesterday, 19:04 141
New border crossing point at the Ukrainian-Hungarian border
Ukraine opened a new border crossing point with Hungary
yesterday, 18:54 165
Ukrainian delegation in negotiations with Trump
Mineral Agreement: Ukrainian Delegation to Discuss Revenue Share with Trump
yesterday, 18:43 173
Ukraine has captured Chinese citizens in the Russian army: Zelensky urgently appealed to Beijing
Ukraine has captured Chinese citizens in the Russian army: Zelensky urgently appealed to Beijing
yesterday, 16:32 206
Russian landing on the south
The Defense Forces assessed the threat of a Russian landing on the south
yesterday, 12:30 249

Advertising