UA EN RU
All topics
Topics
UA EN RU
Last news
Trump assessed the hour-long conversation with Zelensky after talks with Putin today, 16:51
The Ministry of Defense clarified the procedure for joining the military service under the 'Contract 18-24' program today, 16:33
Reuters reported how Trump relaxed pressure on Russia today, 15:05
Americans are burning Tesla cars. Musk has found the guilty ones today, 14:58
Russia has intensified sabotage to pressure the US and Ukraine's allies - CSIS today, 14:40
Trump named possible date for ceasefire in Ukraine today, 14:15
Verification of IDPs in Ukraine: Ministry of Development proposed two possible paths today, 13:50
Ukraine will provide allies with a list of objects that Russia must not hit, - Zelensky today, 13:25
Diversification of Imports: Ukraine to Receive Additional Volumes of American Gas today, 12:35
Zelensky announced a conversation with Trump and responded to Putin's demand today, 12:10
In Ukraine, there are 460 temporarily occupied communities - minister today, 11:45
Bordering EU countries firmly oppose the return of Russian energy resources - Media today, 11:20
Ursula von der Leyen called for collective arms purchases by 2030 today, 10:55
France modernizes nuclear deterrence: new Rafale with hypersonic missiles by 2035 today, 10:30
Show more

Targeted cyberattacks on the defense sector recorded in Ukraine via a popular messenger.

today, 10:05 206
Shostal Oleksandr
Journalist Shostal Oleksandr
today, 10:05 206
Cyberattacks on the defense sector recorded
Cyberattacks on the defense sector recorded

The CERT-UA team has detected cyberattacks on employees of the defense industry and the Armed Forces of Ukraine.

In March 2025, messages containing reports were found in the Signal messenger. Some messages were sent from individuals with compromised accounts to increase trust.

Typically, these archives contain a .pdf file and an executable file named DarkTortilla. DarkTortilla is a crypter/loader used to launch the remote control program Dark Crystal RAT (DCRAT).

'It should be noted that this activity has been tracked under the identifier UAC-0200 since at least the summer of 2024. Meanwhile, starting in February 2025, the content of the bait messages relates to UAVs, electronic warfare means, etc. The use of popular messengers, both on mobile devices and computers, significantly expands the attack surface, including by creating uncontrolled (in terms of protection means) channels for information exchange,' - CERT-UA reported.

Read also
Read 112.ua in telegramtelegramm logo
Read 112.ua in googlegoogle logo
You may be interested
Trump and Zelensky speaking after talks with Putin
Trump assessed the hour-long conversation with Zelensky after talks with Putin
today, 16:51 66
The Ministry of Defense clarified the procedure for joining the military service
The Ministry of Defense clarified the procedure for joining the military service under the 'Contract 18-24' program
today, 16:33 71
Trump and Putin at a meeting
Reuters reported how Trump relaxed pressure on Russia
today, 15:05 64
Burned Tesla car after the fiery attack
Americans are burning Tesla cars. Musk has found the guilty ones
today, 14:58 155
Russian espionage and sabotage against the US
Russia has intensified sabotage to pressure the US and Ukraine's allies - CSIS
today, 14:40 154
Trump discusses the peace process in Ukraine
Trump named possible date for ceasefire in Ukraine
today, 14:15 151

Advertising