UA EN RU
All topics
Topics
UA EN RU
Last news
Trump's statement after conversation with Putin: main points of the night today, 06:45
800 thousand Russian troops may receive 'new orders' after a ceasefire in Ukraine, – BILD yesterday, 17:31
Between China and the USA: How Gulf Countries Can Change the Balance of Power in AI yesterday, 16:30
Bloomberg reveals Putin's expectations from talks with Trump yesterday, 15:40
Pokrovsk Direction: Urgent Change of Commander in the 59th Brigade - Media yesterday, 12:20
Neutrality does not mean indifference: Austria may join the peacekeeping mission in Ukraine yesterday, 11:55
Over 167 thousand war crimes by Russians registered in Ukraine - Lubinets yesterday, 11:05
ISW explained why the Kremlin does not plan to end the war yesterday, 10:15
Elections in Romania, details about Biden's illness: main points of the night yesterday, 06:45
Kellogg Reveals the First Point of the Peace Plan by the USA, Ukraine, and the EU yesterday, 00:45
Frontline situation as of May 18. General Staff summary 18.05.2025
'No Compromises': ISW Reveals Putin's True Intentions in the War with Ukraine 18.05.2025
Zelensky made an unexpected gift to the Pope 18.05.2025
Merz, Macron and Starmer want to talk to Trump before his call with Putin 18.05.2025
Show more

Targeted cyberattacks on the defense sector recorded in Ukraine via a popular messenger.

19.03.2025 1614
Shostal Oleksandr
Journalist Shostal Oleksandr
19.03.2025 1614
Cyberattacks on the defense sector recorded
Cyberattacks on the defense sector recorded

The CERT-UA team has detected cyberattacks on employees of the defense industry and the Armed Forces of Ukraine.

In March 2025, messages containing reports were found in the Signal messenger. Some messages were sent from individuals with compromised accounts to increase trust.

Typically, these archives contain a .pdf file and an executable file named DarkTortilla. DarkTortilla is a crypter/loader used to launch the remote control program Dark Crystal RAT (DCRAT).

'It should be noted that this activity has been tracked under the identifier UAC-0200 since at least the summer of 2024. Meanwhile, starting in February 2025, the content of the bait messages relates to UAVs, electronic warfare means, etc. The use of popular messengers, both on mobile devices and computers, significantly expands the attack surface, including by creating uncontrolled (in terms of protection means) channels for information exchange,' - CERT-UA reported.

Read also
Read 112.ua in telegramtelegramm logo
Read 112.ua in googlegoogle logo
You may be interested
Trump's statement after conversation with Putin: main points of the night
Trump's statement after conversation with Putin: main points of the night
today, 06:45 154
800 thousand Russian troops may receive 'new orders' after a ceasefire in Ukraine, – BILD
800 thousand Russian troops may receive 'new orders' after a ceasefire in Ukraine, – BILD
yesterday, 17:31 584
Between China and the USA: How Gulf Countries Can Change the Balance of Power in AI
Between China and the USA: How Gulf Countries Can Change the Balance of Power in AI
yesterday, 16:30 618
Bloomberg reveals Putin's expectations from talks with Trump
Bloomberg reveals Putin's expectations from talks with Trump
yesterday, 15:40 646
Pokrovsk Direction: Urgent Change of Commander in the 59th Brigade - Media
Pokrovsk Direction: Urgent Change of Commander in the 59th Brigade - Media
yesterday, 12:20 666
Neutrality does not mean indifference: Austria may join the peacekeeping mission in Ukraine
Neutrality does not mean indifference: Austria may join the peacekeeping mission in Ukraine
yesterday, 11:55 657

Advertising