Last news
Putin and Lukashenko Strike Fuel and Joint Military Drills Deal at Valdai Forum today, 19:24
Ukraine’s Public Consultation Law Is Passed but Won’t Take Effect Until After the War—Here’s Why today, 19:18
EU Extends Protection for Ukrainians Until 2028: Why Changes for Men Are Under Debate today, 19:12
Double the Debt Reprieve: New Bill Proposes Extended Loan Relief for Former Prisoners of War today, 19:06
Ukrainian Lawmaker Mykola Tyshchenko Faces Charges Over $1 Million Bribery and Money Laundering today, 19:01
Poland Blames Zelensky for Strained Bilateral Ties: What Sparked the Order Controversy today, 18:18
Ukraine Moves to Isolate Crimea: Strikes on Russian Supply Lines Trigger Emergency in the Peninsula today, 18:06
Zelensky’s Annual Address to Parliament: Why Putting Kyrylo Budanov in Charge Matters today, 17:54
Putin’s Claim of an Advance on Sumy Is False, Experts Say After Interview today, 17:48
Who Paid the $3.7 Million Bail for Ukraine’s Ex-Energy Minister? today, 17:30
Poland Expels 11 Ukrainians and Belarusians Accused of Orchestrating Paid Protests today, 17:18
11-Day Arrest for Oleksandr Lunin Following Video Appeal to Putin on Russian Army Torture today, 17:06
EU Commission Warns Belarus Against Entering the War—Here’s What That Means for Lukashenko’s Regime today, 16:54
Court Rejects Yermak’s Bid to Ease Pre-Trial Restrictions in $460 Million Money Laundering Case today, 16:48
Show more

Targeted cyberattacks on the defense sector recorded in Ukraine via a popular messenger.

19.03.2025 3304
Shostal Oleksandr
Journalist Shostal Oleksandr
19.03.2025 3304
Cyberattacks on the defense sector recorded
Cyberattacks on the defense sector recorded

The CERT-UA team has detected cyberattacks on employees of the defense industry and the Armed Forces of Ukraine.

In March 2025, messages containing reports were found in the Signal messenger. Some messages were sent from individuals with compromised accounts to increase trust.

Typically, these archives contain a .pdf file and an executable file named DarkTortilla. DarkTortilla is a crypter/loader used to launch the remote control program Dark Crystal RAT (DCRAT).

'It should be noted that this activity has been tracked under the identifier UAC-0200 since at least the summer of 2024. Meanwhile, starting in February 2025, the content of the bait messages relates to UAVs, electronic warfare means, etc. The use of popular messengers, both on mobile devices and computers, significantly expands the attack surface, including by creating uncontrolled (in terms of protection means) channels for information exchange,' - CERT-UA reported.

Read also
Read 112.ua in telegramtelegramm logo
Read 112.ua in googlegoogle logo
You may be interested
Putin and Lukashenko Strike Fuel and Joint Military Drills Deal at Valdai Forum
Putin and Lukashenko Strike Fuel and Joint Military Drills Deal at Valdai Forum
today, 19:24 76
Ukraine’s Public Consultation Law Is Passed but Won’t Take Effect Until After the War—Here’s Why
Ukraine’s Public Consultation Law Is Passed but Won’t Take Effect Until After the War—Here’s Why
today, 19:18 105
EU Extends Protection for Ukrainians Until 2028: Why Changes for Men Are Under Debate
EU Extends Protection for Ukrainians Until 2028: Why Changes for Men Are Under Debate
today, 19:12 126
Double the Debt Reprieve: New Bill Proposes Extended Loan Relief for Former Prisoners of War
Double the Debt Reprieve: New Bill Proposes Extended Loan Relief for Former Prisoners of War
today, 19:06 153
Ukrainian Lawmaker Mykola Tyshchenko Faces Charges Over $1 Million Bribery and Money Laundering
Ukrainian Lawmaker Mykola Tyshchenko Faces Charges Over $1 Million Bribery and Money Laundering
today, 19:01 163
Zelenskyy and Polish scandal
Poland Blames Zelensky for Strained Bilateral Ties: What Sparked the Order Controversy
today, 18:18 246

Advertising