UA EN RU
All topics
Topics
UA EN RU
Last news
Former MP who fled Ukraine was spotted in Jerusalem today, 18:35
Ukrainian Permanent Representative to the UN Melnyk urged Merz to provide weapons to Ukraine: full list today, 16:45
'They are not touched by the TCC': the colonel of the Armed Forces of Ukraine said where to find prepared reserves for the army today, 14:30
Fines from the TSK: which regions lead in the number of proceedings today, 10:00
Enemy losses as of April 19, 2025 – General Staff of the Armed Forces of Ukraine today, 08:56
How to solve the mobilization problem? A well-known military figure named the event that will awaken the country today, 06:55
Kremlin threatens Germany over Taurus missiles for Ukraine today, 03:27
Poland has imposed a ban on photographing military objects today, 01:47
Almost 100 Russian soldiers attempted to escape from a military unit in Russia today, 00:47
Chechen leader in Strasbourg: Russian pseudo-opposition is Putin's soft power yesterday, 16:10
Vitkoff named Putin's conditions for negotiations: Ukraine may have to concede yesterday, 14:35
The USA set a deadline regarding Ukraine: may refuse peace efforts yesterday, 14:10
The USA has outlined its vision for a ceasefire in Ukraine to Europeans yesterday, 13:20
New Threat: Russia Tests Weapons of Mass Destruction on Ukrainians yesterday, 12:55
Show more

Targeted cyberattacks on the defense sector recorded in Ukraine via a popular messenger.

19.03.2025 991
Shostal Oleksandr
Journalist Shostal Oleksandr
19.03.2025 991
Cyberattacks on the defense sector recorded
Cyberattacks on the defense sector recorded

The CERT-UA team has detected cyberattacks on employees of the defense industry and the Armed Forces of Ukraine.

In March 2025, messages containing reports were found in the Signal messenger. Some messages were sent from individuals with compromised accounts to increase trust.

Typically, these archives contain a .pdf file and an executable file named DarkTortilla. DarkTortilla is a crypter/loader used to launch the remote control program Dark Crystal RAT (DCRAT).

'It should be noted that this activity has been tracked under the identifier UAC-0200 since at least the summer of 2024. Meanwhile, starting in February 2025, the content of the bait messages relates to UAVs, electronic warfare means, etc. The use of popular messengers, both on mobile devices and computers, significantly expands the attack surface, including by creating uncontrolled (in terms of protection means) channels for information exchange,' - CERT-UA reported.

Read also
Read 112.ua in telegramtelegramm logo
Read 112.ua in googlegoogle logo
You may be interested
Former MP spotted in Jerusalem
Former MP who fled Ukraine was spotted in Jerusalem
today, 18:35 57
Melnyk urges Merz to provide weapons to Ukraine
Ukrainian Permanent Representative to the UN Melnyk urged Merz to provide weapons to Ukraine: full list
today, 16:45 211
Illustration for the news about the Colonel of the Armed Forces of Ukraine and the prepared reserve for the army
'They are not touched by the TCC': the colonel of the Armed Forces of Ukraine said where to find prepared reserves for the army
today, 14:30 361
Fines from the TSK: regions with the largest number of proceedings
Fines from the TSK: which regions lead in the number of proceedings
today, 10:00 480
War in Ukraine: enemy losses as of April 19, 2025
Enemy losses as of April 19, 2025 – General Staff of the Armed Forces of Ukraine
today, 08:56 525
Mobilization problems: soldier speaks out with expansion
How to solve the mobilization problem? A well-known military figure named the event that will awaken the country
today, 06:55 539

Advertising