UA EN RU
All topics
Topics
UA EN RU
Last news
Under the cover of the 'May truce', Russia is preparing to intensify strikes – Armed Forces of Ukraine today, 16:40
Amnesty International Report: Russia Continues to Commit War Crimes Against Ukraine today, 14:35
The Armed Forces of Ukraine received ammunition at the front from the Polish supplier 'PHU Lechmar' today, 14:10
Deportation of Children: Criminal Liability Introduced in Ukraine today, 13:20
The situation in the Novopavlivka direction has escalated: the enemy is pushing towards the borders of three regions today, 12:30
UN Security Council: Britain calls on Russia for an immediate ceasefire in Ukraine today, 11:40
The USA shifts the burden of assistance to Ukraine onto Europe: delays in tanks and pressure on Greece today, 10:50
Ukraine at the UN Security Council: Our desire for peace is undeniable, but not by giving up independence today, 10:00
In Latvia, a man received a sentence for participating in the war against Ukraine on the side of Russia today, 04:48
Response to the Russian Threat: The Netherlands Arm Their Fleet with Tomahawk Missiles today, 01:44
Trump does not give the green light: why the Abrams tanks for Ukraine are 'stuck' in Australia yesterday, 20:35
Estonia is building a powerful NATO munitions factory yesterday, 15:25
Osan Air Base: The US increases the number of F-16 fighters in South Korea by 155% yesterday, 14:35
The Ministry of Defense simplifies interaction with weapons manufacturers through a 'single window' yesterday, 13:45
Show more

Targeted cyberattacks on the defense sector recorded in Ukraine via a popular messenger.

19.03.2025 1437
Shostal Oleksandr
Journalist Shostal Oleksandr
19.03.2025 1437
Cyberattacks on the defense sector recorded
Cyberattacks on the defense sector recorded

The CERT-UA team has detected cyberattacks on employees of the defense industry and the Armed Forces of Ukraine.

In March 2025, messages containing reports were found in the Signal messenger. Some messages were sent from individuals with compromised accounts to increase trust.

Typically, these archives contain a .pdf file and an executable file named DarkTortilla. DarkTortilla is a crypter/loader used to launch the remote control program Dark Crystal RAT (DCRAT).

'It should be noted that this activity has been tracked under the identifier UAC-0200 since at least the summer of 2024. Meanwhile, starting in February 2025, the content of the bait messages relates to UAVs, electronic warfare means, etc. The use of popular messengers, both on mobile devices and computers, significantly expands the attack surface, including by creating uncontrolled (in terms of protection means) channels for information exchange,' - CERT-UA reported.

Read also
Read 112.ua in telegramtelegramm logo
Read 112.ua in googlegoogle logo
You may be interested
Tanks at the forefront with shells
Under the cover of the 'May truce', Russia is preparing to intensify strikes – Armed Forces of Ukraine
today, 16:40 290
Amnesty International Report: Russian War Crimes in Ukraine Continue
Amnesty International Report: Russia Continues to Commit War Crimes Against Ukraine
today, 14:35 455
The Polish supplier PHU Lechmar supplied ammunition to the Armed Forces of Ukraine
The Armed Forces of Ukraine received ammunition at the front from the Polish supplier 'PHU Lechmar'
today, 14:10 453
Children that have been deported: criminal liability
Deportation of Children: Criminal Liability Introduced in Ukraine
today, 13:20 478
Militants near Novopavlivka are on high alert
The situation in the Novopavlivka direction has escalated: the enemy is pushing towards the borders of three regions
today, 12:30 496
Britain calls on Russia for a ceasefire
UN Security Council: Britain calls on Russia for an immediate ceasefire in Ukraine
today, 11:40 480

Advertising