UA EN RU
All topics
Topics
UA EN RU
Last news
Air raid alarm spreads across Ukraine: Russia launched drones and remains silent about a ceasefire today, 02:49
Trump ready to ramp up sanctions against Russia amid ultimatum from the West – Bloomberg yesterday, 17:34
Russian Army Transitions to Motorcycles for Assault Operations - Media yesterday, 15:25
Special Forces entered the enemy's rear and eliminated an assault group of eight Russians yesterday, 14:57
The Kremlin Uses the Ceasefire Theme for Manipulation - ISW yesterday, 12:30
On the Siverskyi direction, the Russians have accumulated motorcycles for storming the positions of the Armed Forces of Ukraine yesterday, 12:05
Support for Ukraine: Britain to Hold Meeting of EU Foreign Ministers yesterday, 11:15
Intelligence revealed details of the new Russian cruise missile – S8000 'Banderoled' yesterday, 10:41
Bolton: Putin risks 'losing' in negotiations over Ukraine - The Hill yesterday, 10:25
Front Line as of May 11, 2025. Summary of the General Staff yesterday, 00:10
I will wait for Putin personally: Zelensky announced a meeting in Turkey 11.05.2025
Rubio will attend the NATO summit in Turkey amid Putin's proposal for negotiations in Istanbul 11.05.2025
Trump urged Ukraine to immediately agree to negotiations with Russia 11.05.2025
Russia may strike Ukraine with missiles: Politico learned which city is in the crosshairs 11.05.2025
Show more

Targeted cyberattacks on the defense sector recorded in Ukraine via a popular messenger.

19.03.2025 1555
Shostal Oleksandr
Journalist Shostal Oleksandr
19.03.2025 1555
Cyberattacks on the defense sector recorded
Cyberattacks on the defense sector recorded

The CERT-UA team has detected cyberattacks on employees of the defense industry and the Armed Forces of Ukraine.

In March 2025, messages containing reports were found in the Signal messenger. Some messages were sent from individuals with compromised accounts to increase trust.

Typically, these archives contain a .pdf file and an executable file named DarkTortilla. DarkTortilla is a crypter/loader used to launch the remote control program Dark Crystal RAT (DCRAT).

'It should be noted that this activity has been tracked under the identifier UAC-0200 since at least the summer of 2024. Meanwhile, starting in February 2025, the content of the bait messages relates to UAVs, electronic warfare means, etc. The use of popular messengers, both on mobile devices and computers, significantly expands the attack surface, including by creating uncontrolled (in terms of protection means) channels for information exchange,' - CERT-UA reported.

Read also
Read 112.ua in telegramtelegramm logo
Read 112.ua in googlegoogle logo
You may be interested
Drones over the territory of Ukraine
Air raid alarm spreads across Ukraine: Russia launched drones and remains silent about a ceasefire
today, 02:49 240
Trump ready to increase sanctions against Russia
Trump ready to ramp up sanctions against Russia amid ultimatum from the West – Bloomberg
yesterday, 17:34 492
Russian Army on Motorcycles for Assault Operations
Russian Army Transitions to Motorcycles for Assault Operations - Media
yesterday, 15:25 514
Special Forces eliminate the enemy assault group
Special Forces entered the enemy's rear and eliminated an assault group of eight Russians
yesterday, 14:57 537
The Kremlin Manipulates the Ceasefire Theme
The Kremlin Uses the Ceasefire Theme for Manipulation - ISW
yesterday, 12:30 597
Motorcycles for storming the positions of the Armed Forces of Ukraine
On the Siverskyi direction, the Russians have accumulated motorcycles for storming the positions of the Armed Forces of Ukraine
yesterday, 12:05 612

Advertising