UA EN RU
All topics
Topics
UA EN RU
Last news
The 'Shahed' Swarms Are Now a Reality: Russia Has Significantly Increased the Production and Frequency of Drone Strikes, - WSJ today, 00:00
'All of Ukraine is ours': Putin again speaks about brotherly nations yesterday, 20:30
Zelensky imposed sanctions on the developers of UAVs 'Geran' and 'Orlan-10' yesterday, 16:40
The Russian Army has increased the number of airstrikes in Chernihiv region yesterday, 14:35
Dutch Defense Minister: The Ukrainian Army is Among the Most Innovative in Europe in Certain Aspects yesterday, 12:55
Russians are regrouping: attacks in the Novopavlivka direction have decreased yesterday, 11:40
Battle for Chasiv Yar: occupiers concentrate troops in the central areas of the city yesterday, 10:00
Russia has launched a massive attack on Odesa with strike drones: there are casualties yesterday, 07:10
The enemy attacked Kharkiv with drones twice in one night yesterday, 07:02
North Korea wants to send 25 thousand workers to Russia for the production of 'Shaheds' yesterday, 04:12
Trump to make a decision on Iran. The White House announced the deadlines yesterday, 02:46
Trump left the G7 summit due to Zelensky and Macron: FT learned the details 19.06.2025
The SBU presented exclusive photos and videos of the prisoner exchange 19.06.2025
North Korea to send 25 thousand workers to Russia: what does it want in return 19.06.2025
Show more

Targeted cyberattacks on the defense sector recorded in Ukraine via a popular messenger.

19.03.2025 2147
Shostal Oleksandr
Journalist Shostal Oleksandr
19.03.2025 2147
Cyberattacks on the defense sector recorded
Cyberattacks on the defense sector recorded

The CERT-UA team has detected cyberattacks on employees of the defense industry and the Armed Forces of Ukraine.

In March 2025, messages containing reports were found in the Signal messenger. Some messages were sent from individuals with compromised accounts to increase trust.

Typically, these archives contain a .pdf file and an executable file named DarkTortilla. DarkTortilla is a crypter/loader used to launch the remote control program Dark Crystal RAT (DCRAT).

'It should be noted that this activity has been tracked under the identifier UAC-0200 since at least the summer of 2024. Meanwhile, starting in February 2025, the content of the bait messages relates to UAVs, electronic warfare means, etc. The use of popular messengers, both on mobile devices and computers, significantly expands the attack surface, including by creating uncontrolled (in terms of protection means) channels for information exchange,' - CERT-UA reported.

Read also
Read 112.ua in telegramtelegramm logo
Read 112.ua in googlegoogle logo
You may be interested
The 'Shahed' Swarms Are Now a Reality: Russia Has Significantly Increased the Production and Frequency of Drone Strikes, - WSJ
The 'Shahed' Swarms Are Now a Reality: Russia Has Significantly Increased the Production and Frequency of Drone Strikes, - WSJ
today, 00:00 373
'All of Ukraine is ours': Putin again speaks about brotherly nations
'All of Ukraine is ours': Putin again speaks about brotherly nations
yesterday, 20:30 683
Zelensky imposed sanctions on the developers of UAVs 'Geran' and 'Orlan-10'
Zelensky imposed sanctions on the developers of UAVs 'Geran' and 'Orlan-10'
yesterday, 16:40 752
The Russian Army has increased the number of airstrikes in Chernihiv region
The Russian Army has increased the number of airstrikes in Chernihiv region
yesterday, 14:35 779
Dutch Defense Minister: The Ukrainian Army is Among the Most Innovative in Europe in Certain Aspects
Dutch Defense Minister: The Ukrainian Army is Among the Most Innovative in Europe in Certain Aspects
yesterday, 12:55 776
Russians are regrouping: attacks in the Novopavlivka direction have decreased
Russians are regrouping: attacks in the Novopavlivka direction have decreased
yesterday, 11:40 790

Advertising