Russian TAG-110 Hacked 60+ Users With HTML Loaded & Python Backdoor

The Russian threat group TAG-110, linked to BlueDelta (APT28), is actively targeting organizations in Central Asia, East Asia, and Europe by deploying custom malware, HATVIBE and CHERRYSPY, to compromise government entities, human rights groups, and educational institutions.

Initial access is typically gained through phishing or exploiting vulnerable web services, as the campaign’s goal is to exfiltrate sensitive data and gather intelligence for geopolitical advantage.

The Russia-aligned TAG-110 group has been identified as the perpetrator of a recent cyber-espionage campaign targeting organizations in Central Asia, East Asia, and Europe.

It leverages custom malware, such as HATVIBE and CHERRYSPY, to execute sophisticated attacks aimed at achieving Russian geopolitical goals, which underscore the ongoing threat posed by nation-state-backed APT groups and the need for robust cybersecurity defenses.

TAG-110, a threat group possibly linked to the Russian APT28, has been targeting governments, human rights groups, and educational institutions in Central Asia and neighboring ...