Summary: The Computer Emergency Response Team of Ukraine (CERT-UA) has issued a warning about a new attack campaign targeting Ukraine’s defense sectors using Dark Crystal RAT (DCRat). Attackers are distributing malicious messages via the Signal app, posing as legitimate communication, which include an executable that installs the DCRat malware for remote control and information theft. CERT-UA has linked the attacks to a known threat cluster, UAC-0200, amidst concerns about Signal’s responsiveness to Ukrainian law enforcement on such matters.
Affected: Defense sector of Ukraine
Keypoints :
- Dark Crystal RAT (DCRat) used in targeted attacks against defense entities in Ukraine.
- Malicious messages sent via Signal app contain meeting minutes leading to malware installation.
- Signal’s alleged inaction is causing concerns about aiding Russian cyber operations against Ukraine.
Source: https://thehackernews.com/2025/03/cert-ua-warns-dark-crystal-rat-targets.html