skip to content
Decrypt LOL

Get Cyber-Smart in Just 5 Minutes a Week

Decrypt delivers quick and insightful updates on cybersecurity. No spam, no data sharing—just the info you need to stay secure.

Read the latest edition

TAG-110 Group Conducts Cyber-Espionage in Central Asia and Europe

/ 1 min read

Russian-affiliated TAG-110 group targets Central Asia and Europe with custom malware. The TAG-110 threat group, linked to Russian state interests, is actively conducting cyber-espionage against government agencies, human rights organizations, and educational institutions across Central Asia, East Asia, and Europe. Utilizing custom malware such as HATVIBE and CHERRYSPY, TAG-110 has been implicated in attacks on 62 victims across 11 nations, with significant incidents reported in Kyrgyzstan, Uzbekistan, and Kazakhstan. HATVIBE serves as a loader for CHERRYSPY, which is designed to monitor systems and exfiltrate sensitive data. The group employs sophisticated techniques, including strong encryption and exploitation of web vulnerabilities, to maintain persistence and evade detection. Cybersecurity experts recommend using network defense tools and timely software updates to mitigate risks associated with these threats.