TAG-110 Group Conducts Cyber-Espionage in Central Asia and Europe
/ 1 min read
Russian-affiliated TAG-110 group targets Central Asia and Europe with custom malware. The TAG-110 threat group, linked to Russian state interests, is actively conducting cyber-espionage against government agencies, human rights organizations, and educational institutions across Central Asia, East Asia, and Europe. Utilizing custom malware such as HATVIBE and CHERRYSPY, TAG-110 has been implicated in attacks on 62 victims across 11 nations, with significant incidents reported in Kyrgyzstan, Uzbekistan, and Kazakhstan. HATVIBE serves as a loader for CHERRYSPY, which is designed to monitor systems and exfiltrate sensitive data. The group employs sophisticated techniques, including strong encryption and exploitation of web vulnerabilities, to maintain persistence and evade detection. Cybersecurity experts recommend using network defense tools and timely software updates to mitigate risks associated with these threats.