UA EN RU
All topics
Topics
UA EN RU
Last news
Ukrainian Armed Forces warned about the change in Russian tactics during shelling today, 00:00
In Lviv region, drivers rebelled against mobilization: local military command responded yesterday, 23:15
Budanov predicted the future of Russia after the war yesterday, 22:30
Budanov explained the operation of Russian IPSO and named the safest messenger yesterday, 20:15
Russia is preparing an offensive: the Armed Forces of Ukraine named the directions where it will 'get hot' yesterday, 19:30
Patriot and the Introduction of Troops: Zelensky Reacted Sharply to Russia's Rocket Terror yesterday, 18:13
Budanov spoke about one of the coolest operations of the GUR yesterday, 18:00
This will be terrible: Poland warns Trump against 'historical mistake' yesterday, 17:15
The UN recognized the strike on Kryvyi Rih as the deadliest massacre of children during the war yesterday, 16:50
A wave of protests against Trump's policies has swept across America yesterday, 16:30
These attacks are Putin's response to all international diplomatic efforts. Zelensky on Russian shelling yesterday, 14:16
ISW names the only way to stop Putin in Ukraine yesterday, 13:30
Rutte outlines NATO's red lines in negotiations regarding Ukraine yesterday, 12:00
Russia fired rockets at Kyiv: photos of the aftermath yesterday, 10:55
Show more

Targeted cyberattacks on the defense sector recorded in Ukraine via a popular messenger.

19.03.2025 796
Shostal Oleksandr
Journalist Shostal Oleksandr
19.03.2025 796
Cyberattacks on the defense sector recorded
Cyberattacks on the defense sector recorded

The CERT-UA team has detected cyberattacks on employees of the defense industry and the Armed Forces of Ukraine.

In March 2025, messages containing reports were found in the Signal messenger. Some messages were sent from individuals with compromised accounts to increase trust.

Typically, these archives contain a .pdf file and an executable file named DarkTortilla. DarkTortilla is a crypter/loader used to launch the remote control program Dark Crystal RAT (DCRAT).

'It should be noted that this activity has been tracked under the identifier UAC-0200 since at least the summer of 2024. Meanwhile, starting in February 2025, the content of the bait messages relates to UAVs, electronic warfare means, etc. The use of popular messengers, both on mobile devices and computers, significantly expands the attack surface, including by creating uncontrolled (in terms of protection means) channels for information exchange,' - CERT-UA reported.

Read also
Read 112.ua in telegramtelegramm logo
Read 112.ua in googlegoogle logo
You may be interested
Ukrainian Armed Forces warned about the change in Russian tactics during shelling
Ukrainian Armed Forces warned about the change in Russian tactics during shelling
today, 00:00 142
Drivers protest due to mobilization
In Lviv region, drivers rebelled against mobilization: local military command responded
yesterday, 23:15 143
The future of Russia after the war
Budanov predicted the future of Russia after the war
yesterday, 22:30 162
Budanov explained the operation of Russian IPSO and named the safest messenger
Budanov explained the operation of Russian IPSO and named the safest messenger
yesterday, 20:15 179
The Armed Forces of Ukraine are located on the border
Russia is preparing an offensive: the Armed Forces of Ukraine named the directions where it will 'get hot'
yesterday, 19:30 165
Zelensky reacts to rocket terror
Patriot and the Introduction of Troops: Zelensky Reacted Sharply to Russia's Rocket Terror
yesterday, 18:13 168

Advertising