UA EN RU
All topics
Topics
UA EN RU
Last news
ISW explains Putin's goal in Ukraine today, 09:15
The USA struck nuclear facilities in Iran: Trump announced 'total destruction' today, 08:52
Enemy losses as of June 22, 2025 – General Staff of the Armed Forces of Ukraine today, 08:20
The End of 'Peaceful' Rhetoric: What Putin's New Ultimatum Means for Ukraine and the World today, 03:02
The Main Intelligence Directorate Reveals Missile and Drone Stocks and Production Rates in the Russian Federation today, 01:05
Iran's Leader Khamenei Prepared Three Successors in Case of Assassination, NYT today, 00:45
The British political scientist explained why Putin clings to the war at any cost yesterday, 22:30
The USA has deployed B-2 stealth bombers to Iran amid tensions with Israel yesterday, 20:34
MP stated that Minister Chernyshov is awaiting suspicion yesterday, 18:53
Orban Completely Failed: Anti-Ukrainian Schemes of Putin's Friend Ended in Failure yesterday, 18:45
The point of no return has been passed: the IDF made an urgent statement yesterday, 16:30
More than 1950 missiles and thousands of Shahed-136: GUR revealed data on the RF arsenal yesterday, 14:41
Russia launched a massive strike on Kremenchuk: attacked with 'Kinzhal', 'Shahed' and more yesterday, 11:15
Commander of the tactical group 'Vuhledar' Serhiy Naiev has left his post yesterday, 10:53
Show more

Targeted cyberattacks on the defense sector recorded in Ukraine via a popular messenger.

19.03.2025 2170
Shostal Oleksandr
Journalist Shostal Oleksandr
19.03.2025 2170
Cyberattacks on the defense sector recorded
Cyberattacks on the defense sector recorded

The CERT-UA team has detected cyberattacks on employees of the defense industry and the Armed Forces of Ukraine.

In March 2025, messages containing reports were found in the Signal messenger. Some messages were sent from individuals with compromised accounts to increase trust.

Typically, these archives contain a .pdf file and an executable file named DarkTortilla. DarkTortilla is a crypter/loader used to launch the remote control program Dark Crystal RAT (DCRAT).

'It should be noted that this activity has been tracked under the identifier UAC-0200 since at least the summer of 2024. Meanwhile, starting in February 2025, the content of the bait messages relates to UAVs, electronic warfare means, etc. The use of popular messengers, both on mobile devices and computers, significantly expands the attack surface, including by creating uncontrolled (in terms of protection means) channels for information exchange,' - CERT-UA reported.

Read also
Read 112.ua in telegramtelegramm logo
Read 112.ua in googlegoogle logo
You may be interested
ISW explains Putin's goal in Ukraine
ISW explains Putin's goal in Ukraine
today, 09:15 261
The USA struck nuclear facilities in Iran: Trump announced 'total destruction'
The USA struck nuclear facilities in Iran: Trump announced 'total destruction'
today, 08:52 379
Enemy losses as of June 22, 2025 – General Staff of the Armed Forces of Ukraine
Enemy losses as of June 22, 2025 – General Staff of the Armed Forces of Ukraine
today, 08:20 395
The End of 'Peaceful' Rhetoric: What Putin's New Ultimatum Means for Ukraine and the World
The End of 'Peaceful' Rhetoric: What Putin's New Ultimatum Means for Ukraine and the World
today, 03:02 650
The Main Intelligence Directorate Reveals Missile and Drone Stocks and Production Rates in the Russian Federation
The Main Intelligence Directorate Reveals Missile and Drone Stocks and Production Rates in the Russian Federation
today, 01:05 655
Iran's Leader Khamenei Prepared Three Successors in Case of Assassination, NYT
Iran's Leader Khamenei Prepared Three Successors in Case of Assassination, NYT
today, 00:45 719

Advertising