Last news
Zelensky after the meeting with Umerov promised changes in defense today, 20:51
It became known when the next meeting of 'Ramstein' will take place today, 20:28
Hetmancev answered whether the state should finance insurance today, 20:06
Payments before Independence Day — who among combatants will receive aid in 2025 today, 19:05
Trump announced the introduction of a 30% tariff on goods from the EU today, 19:03
Biletsky handed commemorative coins to the military of the 3rd OSHB — photo today, 18:28
The Price of Escape — FSB Interrogates Ukrainians in Basements in Transnistria today, 17:54
Ukrainian soldiers avenged the enemy for the murder of a child in Kherson region today, 17:45
Zelensky summarized the results of the conference on the restoration of Ukraine today, 17:24
Ukraine Still Lacks a Development Document — Hetmancev Explained today, 17:03
The Attack by the Russian Federation on Dnipropetrovsk Region - Two People Killed today, 16:16
SBU has identified the perpetrator of the strike on the Health Route in Odesa today, 15:49
A support rally for prisoners of war took place in Lviv - photos today, 15:46
Protecting Ukraine - a volunteer from Hungary died on the front line today, 15:13
Show more

Targeted cyberattacks on the defense sector recorded in Ukraine via a popular messenger.

19.03.2025 2527
Shostal Oleksandr
Journalist Shostal Oleksandr
19.03.2025 2527
Cyberattacks on the defense sector recorded
Cyberattacks on the defense sector recorded

The CERT-UA team has detected cyberattacks on employees of the defense industry and the Armed Forces of Ukraine.

In March 2025, messages containing reports were found in the Signal messenger. Some messages were sent from individuals with compromised accounts to increase trust.

Typically, these archives contain a .pdf file and an executable file named DarkTortilla. DarkTortilla is a crypter/loader used to launch the remote control program Dark Crystal RAT (DCRAT).

'It should be noted that this activity has been tracked under the identifier UAC-0200 since at least the summer of 2024. Meanwhile, starting in February 2025, the content of the bait messages relates to UAVs, electronic warfare means, etc. The use of popular messengers, both on mobile devices and computers, significantly expands the attack surface, including by creating uncontrolled (in terms of protection means) channels for information exchange,' - CERT-UA reported.

Read also
Read 112.ua in telegramtelegramm logo
Read 112.ua in googlegoogle logo
You may be interested
Zelensky after the meeting with Umerov promised changes in defense
Zelensky after the meeting with Umerov promised changes in defense
today, 20:51 330
It became known when the next meeting of 'Ramstein' will take place
It became known when the next meeting of 'Ramstein' will take place
today, 20:28 358
Hetmancev answered whether the state should finance insurance
Hetmancev answered whether the state should finance insurance
today, 20:06 379
Payments before Independence Day — who among combatants will receive aid in 2025
Payments before Independence Day — who among combatants will receive aid in 2025
today, 19:05 480
Trump announced the introduction of a 30% tariff on goods from the EU
Trump announced the introduction of a 30% tariff on goods from the EU
today, 19:03 485
Biletsky handed commemorative coins to the military of the 3rd OSHB — photo
Biletsky handed commemorative coins to the military of the 3rd OSHB — photo
today, 18:28 535

Advertising