Full Report
TAG-110, a Russia-aligned threat group, targets organizations across Asia and Europe using HATVIBE and CHERRYSPY malware for espionage. Learn how Recorded Future's analysis uncovers the group’s tactics, techniques, and indicators of compromise.
Analysis Summary
Please provide the actual article content (the text or a valid JSON object containing the structured data described) for me to analyze.
Once you provide the context within the `{description}` placeholder, I will generate the structured threat actor summary following your specified format.
**Example of what I need:**
json
{
"description": "APT41, also tracked as Winnti, Barium, or Bronze Atlas, has been active since at least 2012, primarily focusing on intellectual property theft and espionage for the benefit of the Chinese state. Recent activity surrounding 'Operation Shader' saw them targeting software development firms in North America and Europe to inject malicious code into legitimate software updates. TTPs include spear-phishing with zero-day exploits against Windows kernel vulnerabilities (CVE-2021-XXXX) and the deployment of custom backdoors like 'ShadowPad' and 'Winnti'. Their motivation remains state-sponsored espionage, particularly against gaming, high-tech manufacturing, and healthcare sectors. Defenses should focus on patching kernel vulnerabilities immediately and monitoring for suspicious outbound traffic to IP addresses like 192.0.2.1 or communication via IRC servers."
}
---
**Awaiting your input for analysis.**