UA EN RU
All topics
Topics
UA EN RU
Last news
In Ukraine, the defense resource management system is being modernized according to NATO standards today, 12:55
War in Gaza: How HAMAS Distorts Casualty Statistics - A Study today, 10:50
The Armed Forces of Ukraine explained why Russian troops are retreating from the western outskirts of Pokrovsk today, 10:00
Enemy losses as of April 22, 2025 – General Staff of the Armed Forces of Ukraine today, 08:55
Russia attacked Odesa with strike drones: consequences of the 'hits' today, 06:21
We are tired: Trump made a sharp statement about the war in Ukraine yesterday, 17:06
The USA has provided Ukraine with Trump's plan to end the war: WSJ reveals details yesterday, 14:35
From supplying weapons to investing in production: the EU changes its strategy to support Ukraine yesterday, 14:10
British fighters intercepted Russian planes near NATO borders twice in a week yesterday, 13:45
The Kremlin Prepares the Russian Society for a Possible Prolonged Conflict with NATO - ISW yesterday, 11:15
The Land Law: Who is Now Protected from the Return of Property to the State yesterday, 08:30
The President of the Czech Republic Originally Congratulated Citizens on Easter (video) yesterday, 04:34
Easter Truce: Zelensky made a new proposal to Putin 20.04.2025
British fighters intercepted Russian planes over the Baltics three times in a week 20.04.2025
Show more

Targeted cyberattacks on the defense sector recorded in Ukraine via a popular messenger.

19.03.2025 1053
Shostal Oleksandr
Journalist Shostal Oleksandr
19.03.2025 1053
Cyberattacks on the defense sector recorded
Cyberattacks on the defense sector recorded

The CERT-UA team has detected cyberattacks on employees of the defense industry and the Armed Forces of Ukraine.

In March 2025, messages containing reports were found in the Signal messenger. Some messages were sent from individuals with compromised accounts to increase trust.

Typically, these archives contain a .pdf file and an executable file named DarkTortilla. DarkTortilla is a crypter/loader used to launch the remote control program Dark Crystal RAT (DCRAT).

'It should be noted that this activity has been tracked under the identifier UAC-0200 since at least the summer of 2024. Meanwhile, starting in February 2025, the content of the bait messages relates to UAVs, electronic warfare means, etc. The use of popular messengers, both on mobile devices and computers, significantly expands the attack surface, including by creating uncontrolled (in terms of protection means) channels for information exchange,' - CERT-UA reported.

Read also
Read 112.ua in telegramtelegramm logo
Read 112.ua in googlegoogle logo
You may be interested
Modernization of the defense resource management system according to NATO standards
In Ukraine, the defense resource management system is being modernized according to NATO standards
today, 12:55 201
HAMAS distorts casualty statistics
War in Gaza: How HAMAS Distorts Casualty Statistics - A Study
today, 10:50 337
Image of a Russian military convoy on the outskirts of Pokrovsk
The Armed Forces of Ukraine explained why Russian troops are retreating from the western outskirts of Pokrovsk
today, 10:00 352
Enemy losses as of April 22, 2025
Enemy losses as of April 22, 2025 – General Staff of the Armed Forces of Ukraine
today, 08:55 412
Ruins of Odesa from Russian shelling
Russia attacked Odesa with strike drones: consequences of the 'hits'
today, 06:21 468
Trump is at the negotiating table
We are tired: Trump made a sharp statement about the war in Ukraine
yesterday, 17:06 737

Advertising