UA EN RU
All topics
Topics
UA EN RU
Last news
Inventors in the Armed Forces of Ukraine to Receive Money: The Ministry of Defense Will Introduce a Reward System today, 02:22
The EU has finalized the dates for approving a new sanctions package against Russia yesterday, 20:32
The Russian Federation scaled up the production of Shaheds. A military expert explained how Ukraine can protect itself yesterday, 16:49
The Defense Forces explained why the enemy uses chemical weapons yesterday, 15:50
Kellogg Seeks Key to Peace in Ukraine with Lukashenko: Trump's Man to Visit Belarus yesterday, 14:35
GLOBSEC-2025: Humanitarian De-mining in Ukraine Discussed at Security Forum yesterday, 14:10
The enemy has changed tactics in the Sumy region - border guards yesterday, 12:55
Russians attack Ukrainian positions near the Antonivskiy bridges in Kherson region yesterday, 11:15
Escalation of Rocket Terror: Ukraine Calls for UN Security Council Meeting yesterday, 10:50
Hostile drones hit industrial facilities in Zaporizhzhia yesterday, 07:14
The State Border Guard Service explained why the enemy's infantry groups sharply reduced their activity in Sumy region yesterday, 04:22
Canada has imposed sanctions against the coach and lover of Putin 17.06.2025
The Russian missile program essentially consists of propaganda - expert 17.06.2025
Pro-Russian cultural center in Berlin costs Germany €70,000 per year 17.06.2025
Show more

Targeted cyberattacks on the defense sector recorded in Ukraine via a popular messenger.

19.03.2025 2108
Shostal Oleksandr
Journalist Shostal Oleksandr
19.03.2025 2108
Cyberattacks on the defense sector recorded
Cyberattacks on the defense sector recorded

The CERT-UA team has detected cyberattacks on employees of the defense industry and the Armed Forces of Ukraine.

In March 2025, messages containing reports were found in the Signal messenger. Some messages were sent from individuals with compromised accounts to increase trust.

Typically, these archives contain a .pdf file and an executable file named DarkTortilla. DarkTortilla is a crypter/loader used to launch the remote control program Dark Crystal RAT (DCRAT).

'It should be noted that this activity has been tracked under the identifier UAC-0200 since at least the summer of 2024. Meanwhile, starting in February 2025, the content of the bait messages relates to UAVs, electronic warfare means, etc. The use of popular messengers, both on mobile devices and computers, significantly expands the attack surface, including by creating uncontrolled (in terms of protection means) channels for information exchange,' - CERT-UA reported.

Read also
Read 112.ua in telegramtelegramm logo
Read 112.ua in googlegoogle logo
You may be interested
Inventors in the Armed Forces of Ukraine to Receive Money: The Ministry of Defense Will Introduce a Reward System
Inventors in the Armed Forces of Ukraine to Receive Money: The Ministry of Defense Will Introduce a Reward System
today, 02:22 244
The EU has finalized the dates for approving a new sanctions package against Russia
The EU has finalized the dates for approving a new sanctions package against Russia
yesterday, 20:32 581
The Russian Federation scaled up the production of Shaheds. A military expert explained how Ukraine can protect itself
The Russian Federation scaled up the production of Shaheds. A military expert explained how Ukraine can protect itself
yesterday, 16:49 678
The Defense Forces explained why the enemy uses chemical weapons
The Defense Forces explained why the enemy uses chemical weapons
yesterday, 15:50 698
Kellogg Seeks Key to Peace in Ukraine with Lukashenko: Trump's Man to Visit Belarus
Kellogg Seeks Key to Peace in Ukraine with Lukashenko: Trump's Man to Visit Belarus
yesterday, 14:35 761
GLOBSEC-2025: Humanitarian De-mining in Ukraine Discussed at Security Forum
GLOBSEC-2025: Humanitarian De-mining in Ukraine Discussed at Security Forum
yesterday, 14:10 741

Advertising