UA EN RU
All topics
Topics
UA EN RU
Last news
The Prime Minister of Israel Postponed His Son's Wedding Due to Operation Against Iran today, 00:30
British intelligence reports North Korea's losses in Kursk yesterday, 22:42
Strike from Within: Ukraine and Israel Showcase New Warfare Tactics, - NYT yesterday, 22:00
Israel struck a record long-range attack on an airport in Iran yesterday, 21:27
Reuters: Trump rejected the Israeli plan to assassinate Iran's supreme leader yesterday, 20:55
Attacking from three directions: ISW reported on the new phase of the Russian offensive yesterday, 20:30
Europe offered Iran urgent negotiations yesterday, 18:15
Drones attacked the plant assembling 'Shaheds' in Yelabuga: airports were closed in two cities yesterday, 17:30
Israel asks the US for help with strikes on Iran's nuclear facilities yesterday, 15:15
One of the commanders of the occupying 'militia' in Zaporizhzhia has been eliminated yesterday, 14:30
GUU agents incapacitated Russian military-industrial complex and army facilities in Kaliningrad: video yesterday, 14:30
Israel may eliminate Iran's leader Khamenei, - WSJ yesterday, 13:45
Terrorist Girkin considers Putin an idiot yesterday, 12:50
Enemy Losses as of June 15, 2025 – Armed Forces of Ukraine General Staff yesterday, 08:54
Show more

Targeted cyberattacks on the defense sector recorded in Ukraine via a popular messenger.

19.03.2025 2041
Shostal Oleksandr
Journalist Shostal Oleksandr
19.03.2025 2041
Cyberattacks on the defense sector recorded
Cyberattacks on the defense sector recorded

The CERT-UA team has detected cyberattacks on employees of the defense industry and the Armed Forces of Ukraine.

In March 2025, messages containing reports were found in the Signal messenger. Some messages were sent from individuals with compromised accounts to increase trust.

Typically, these archives contain a .pdf file and an executable file named DarkTortilla. DarkTortilla is a crypter/loader used to launch the remote control program Dark Crystal RAT (DCRAT).

'It should be noted that this activity has been tracked under the identifier UAC-0200 since at least the summer of 2024. Meanwhile, starting in February 2025, the content of the bait messages relates to UAVs, electronic warfare means, etc. The use of popular messengers, both on mobile devices and computers, significantly expands the attack surface, including by creating uncontrolled (in terms of protection means) channels for information exchange,' - CERT-UA reported.

Read also
Read 112.ua in telegramtelegramm logo
Read 112.ua in googlegoogle logo
You may be interested
The Prime Minister of Israel Postponed His Son's Wedding Due to Operation Against Iran
The Prime Minister of Israel Postponed His Son's Wedding Due to Operation Against Iran
today, 00:30 165
British intelligence reports North Korea's losses in Kursk
British intelligence reports North Korea's losses in Kursk
yesterday, 22:42 351
Strike from Within: Ukraine and Israel Showcase New Warfare Tactics, - NYT
Strike from Within: Ukraine and Israel Showcase New Warfare Tactics, - NYT
yesterday, 22:00 344
Israel struck a record long-range attack on an airport in Iran
Israel struck a record long-range attack on an airport in Iran
yesterday, 21:27 324
Reuters: Trump rejected the Israeli plan to assassinate Iran's supreme leader
Reuters: Trump rejected the Israeli plan to assassinate Iran's supreme leader
yesterday, 20:55 409
Attacking from three directions: ISW reported on the new phase of the Russian offensive
Attacking from three directions: ISW reported on the new phase of the Russian offensive
yesterday, 20:30 399

Advertising