UA EN RU
All topics
Topics
UA EN RU
Last news
NBU has recorded the strengthening of the hryvnia: what is happening with the dollar exchange rate yesterday, 22:35
Zelensky spoke about the conditions of negotiations with the Russian Federation and the placement of Western military contingents yesterday, 22:07
We are tripling military assistance': Norway approved a historic aid package for Ukraine yesterday, 18:29
Russia has doubled the number of drone strikes on Ukraine since the start of 'peace negotiations' yesterday, 16:45
Rubio: Russia has weeks to demonstrate readiness for peace in Ukraine yesterday, 16:27
Russia has lost nearly 10% of its strategic Tu-22M bombers yesterday, 15:50
In four cities, support centers for families of prisoners of war and missing persons have started operating yesterday, 15:25
Czech Initiative: How Long They Can Supply Ammunition to Ukraine yesterday, 14:35
Putin allowed a compromise on security guarantees for Ukraine yesterday, 13:45
Trump has issued a demand to Putin before negotiations regarding Ukraine yesterday, 12:55
Russia is accumulating missiles for a new strike on Ukraine - NATO intelligence data yesterday, 12:30
Kharkiv Under Fire: Russians Changed Their Strike Tactics yesterday, 11:40
There are no plans for a sudden US exit from Europe - NATO Secretary General yesterday, 10:50
Artificial Intelligence Against Guided Bombs: Results of NATO Hackathon Involving Ukraine yesterday, 10:25
Show more

Targeted cyberattacks on the defense sector recorded in Ukraine via a popular messenger.

19.03.2025 696
Shostal Oleksandr
Journalist Shostal Oleksandr
19.03.2025 696
Cyberattacks on the defense sector recorded
Cyberattacks on the defense sector recorded

The CERT-UA team has detected cyberattacks on employees of the defense industry and the Armed Forces of Ukraine.

In March 2025, messages containing reports were found in the Signal messenger. Some messages were sent from individuals with compromised accounts to increase trust.

Typically, these archives contain a .pdf file and an executable file named DarkTortilla. DarkTortilla is a crypter/loader used to launch the remote control program Dark Crystal RAT (DCRAT).

'It should be noted that this activity has been tracked under the identifier UAC-0200 since at least the summer of 2024. Meanwhile, starting in February 2025, the content of the bait messages relates to UAVs, electronic warfare means, etc. The use of popular messengers, both on mobile devices and computers, significantly expands the attack surface, including by creating uncontrolled (in terms of protection means) channels for information exchange,' - CERT-UA reported.

Read also
Read 112.ua in telegramtelegramm logo
Read 112.ua in googlegoogle logo
You may be interested
Strengthening of the hryvnia: dollar exchange rate is falling
NBU has recorded the strengthening of the hryvnia: what is happening with the dollar exchange rate
yesterday, 22:35 119
Zelensky on negotiations with the Russian Federation
Zelensky spoke about the conditions of negotiations with the Russian Federation and the placement of Western military contingents
yesterday, 22:07 102
Norway supports Ukraine with military assistance
We are tripling military assistance': Norway approved a historic aid package for Ukraine
yesterday, 18:29 162
Russian drones are carrying out twice as many strikes on Ukraine
Russia has doubled the number of drone strikes on Ukraine since the start of 'peace negotiations'
yesterday, 16:45 174
Rubio: RF has weeks to show readiness for peace in Ukraine
Rubio: Russia has weeks to demonstrate readiness for peace in Ukraine
yesterday, 16:27 170
Strategic Tu-22M bombers
Russia has lost nearly 10% of its strategic Tu-22M bombers
yesterday, 15:50 187

Advertising