UA EN RU
All topics
Topics
UA EN RU
Last news
Bloomberg reveals Trump's new plan: Ukraine is pushed to the sidelines today, 18:15
SBU Operation 'Pavutyina' thwarted Putin's 'devastating strike' named 'Zeus's Lightning' - media today, 16:00
Sumy region in danger? Russian military continues attempts to advance in the region today, 14:23
Russia has lost another fighter jet in the Kursk direction today, 12:43
Zelensky revealed details of operation 'Spider Web' and the role of truck drivers with drones today, 12:15
Russia launched the most powerful strike on Kharkiv during the war: casualties reported today, 10:45
Combat map of Ukraine as of June 7, 2025 today, 10:12
In the Kharkiv region, the Armed Forces of Ukraine surrounded the occupiers today, 06:59
Russian occupation forces advance in Sumy region – DeepState today, 02:17
Frontline situation as of June 6, 2025. General Staff report today, 00:24
Abramovich's billions may never reach Ukraine – The Telegraph yesterday, 22:50
The Telegraph named the key target of the summer offensive of the Russian Federation yesterday, 20:40
Merz received guarantees from Trump on NATO, but spoke about the underestimation of the threat from Russia in the US yesterday, 20:28
Politico revealed Putin's plans for the phased occupation of Ukraine yesterday, 17:32
Show more

Targeted cyberattacks on the defense sector recorded in Ukraine via a popular messenger.

19.03.2025 1879
Shostal Oleksandr
Journalist Shostal Oleksandr
19.03.2025 1879
Cyberattacks on the defense sector recorded
Cyberattacks on the defense sector recorded

The CERT-UA team has detected cyberattacks on employees of the defense industry and the Armed Forces of Ukraine.

In March 2025, messages containing reports were found in the Signal messenger. Some messages were sent from individuals with compromised accounts to increase trust.

Typically, these archives contain a .pdf file and an executable file named DarkTortilla. DarkTortilla is a crypter/loader used to launch the remote control program Dark Crystal RAT (DCRAT).

'It should be noted that this activity has been tracked under the identifier UAC-0200 since at least the summer of 2024. Meanwhile, starting in February 2025, the content of the bait messages relates to UAVs, electronic warfare means, etc. The use of popular messengers, both on mobile devices and computers, significantly expands the attack surface, including by creating uncontrolled (in terms of protection means) channels for information exchange,' - CERT-UA reported.

Read also
Read 112.ua in telegramtelegramm logo
Read 112.ua in googlegoogle logo
You may be interested
Bloomberg reveals Trump's new plan: Ukraine is pushed to the sidelines
Bloomberg reveals Trump's new plan: Ukraine is pushed to the sidelines
today, 18:15 83
SBU Operation 'Pavutyina' thwarted Putin's 'devastating strike' named 'Zeus's Lightning' - media
SBU Operation 'Pavutyina' thwarted Putin's 'devastating strike' named 'Zeus's Lightning' - media
today, 16:00 222
Sumy region in danger? Russian military continues attempts to advance in the region
Sumy region in danger? Russian military continues attempts to advance in the region
today, 14:23 308
Russia has lost another fighter jet in the Kursk direction
Russia has lost another fighter jet in the Kursk direction
today, 12:43 388
Zelensky revealed details of operation 'Spider Web' and the role of truck drivers with drones
Zelensky revealed details of operation 'Spider Web' and the role of truck drivers with drones
today, 12:15 397
Russia launched the most powerful strike on Kharkiv during the war: casualties reported
Russia launched the most powerful strike on Kharkiv during the war: casualties reported
today, 10:45 469

Advertising