Last news
The GUR explained why Ukraine will not be able to deploy Tomahawk missiles today, 13:56
Putin Fears the US, Thus Reduced Strikes on Ukraine — Zelensky today, 13:51
In Kyiv region, officials of a medical institution have received suspicions - what is the reason today, 13:37
Take a moment - in Odesa, the memory of those killed in the war was honored today, 13:32
Trump revealed whether he consults with his wife regarding the war in Ukraine today, 13:26
Macron underperformed with Patriot, while Trump sent weapons — Day.LIVE broadcast today, 13:12
Mobilized Krupin Faced Hate After Statements About Draft Dodgers today, 12:52
Legendary hockey player criticizes Trump for his stance on Ukraine today, 12:48
Zelensky held a meeting on the defense sector - main topics today, 12:38
How RF drones were shot down over Odesa at night - a video has appeared today, 12:25
How a civilian can obtain an officer rank immediately today, 12:20
Industrial pollution — why there is debate around the laws today, 12:18
Expert explained what the cooperation of Budanov with the US intelligence brought today, 11:37
Social Protection and Payments - What Police Can Expect today, 11:24
Show more

Targeted cyberattacks on the defense sector recorded in Ukraine via a popular messenger.

19.03.2025 2581
Shostal Oleksandr
Journalist Shostal Oleksandr
19.03.2025 2581
Cyberattacks on the defense sector recorded
Cyberattacks on the defense sector recorded

The CERT-UA team has detected cyberattacks on employees of the defense industry and the Armed Forces of Ukraine.

In March 2025, messages containing reports were found in the Signal messenger. Some messages were sent from individuals with compromised accounts to increase trust.

Typically, these archives contain a .pdf file and an executable file named DarkTortilla. DarkTortilla is a crypter/loader used to launch the remote control program Dark Crystal RAT (DCRAT).

'It should be noted that this activity has been tracked under the identifier UAC-0200 since at least the summer of 2024. Meanwhile, starting in February 2025, the content of the bait messages relates to UAVs, electronic warfare means, etc. The use of popular messengers, both on mobile devices and computers, significantly expands the attack surface, including by creating uncontrolled (in terms of protection means) channels for information exchange,' - CERT-UA reported.

Read also
Read 112.ua in telegramtelegramm logo
Read 112.ua in googlegoogle logo
You may be interested
The GUR explained why Ukraine will not be able to deploy Tomahawk missiles
The GUR explained why Ukraine will not be able to deploy Tomahawk missiles
today, 13:56 70
Putin Fears the US, Thus Reduced Strikes on Ukraine — Zelensky
Putin Fears the US, Thus Reduced Strikes on Ukraine — Zelensky
today, 13:51 73
In Kyiv region, officials of a medical institution have received suspicions - what is the reason
In Kyiv region, officials of a medical institution have received suspicions - what is the reason
today, 13:37 96
Take a moment - in Odesa, the memory of those killed in the war was honored
Take a moment - in Odesa, the memory of those killed in the war was honored
today, 13:32 98
Trump revealed whether he consults with his wife regarding the war in Ukraine
Trump revealed whether he consults with his wife regarding the war in Ukraine
today, 13:26 241
Macron underperformed with Patriot, while Trump sent weapons — Day.LIVE broadcast
Macron underperformed with Patriot, while Trump sent weapons — Day.LIVE broadcast
today, 13:12 230

Advertising