TAG-110, a Russia-aligned threat actor, has shifted its tactics to conduct spear-phishing campaigns against Tajikistan. This new method follows their past attacks using HTML Application loaders, indicating an evolution in their strategy. The campaign specifically targets public sector institutions such as government and educational organizations, likely aiming to gather intelligence for influencing regional politics. The activity resembles the operations of APT28 and highlights concerns regarding cybersecurity in Central Asia amid geopolitical tensions.
Given TAG-110's historical targeting of public sector entities in Central Asia, this campaign is likely targeting government, educational, and research institutions within Tajikistan.
These cyber espionage operations likely aim to gather intelligence for influencing regional politics or security, particularly during sensitive events like elections or geopolitical tensions.
Collection
[
|
...
]