Targets Tajikistan: New Macro Word Documents Phishing Tactics
NetmanageIT OpenCTI - opencti.netmanageit.com
SUMMARY :
From January to February 2025, a phishing campaign targeting Tajikistan was detected and attributed to TAG-110, a Russia-aligned threat actor. The campaign used Tajikistan government-themed documents as lures, shifting from previous tactics to macro-enabled Word template files for initial payload delivery. This change in approach demonstrates TAG-110's evolving tactics. The group's persistent targeting of Tajik government, educational, and research institutions aligns with Russia's strategy to maintain influence in Central Asia. The campaign likely aims to gather intelligence for influencing regional politics or security, particularly during sensitive events like elections or geopolitical tensions.
OPENCTI LABELS :
espionage,phishing,government,cherryspy,hatvibe,pyplunderplug,logpie,russia-aligned,tajikistan
Open in NetmanageIT OpenCTI Public Instance with below link!
Use public read only username and password on login page.
NOTE : Use Public READ only user credentials on login page banner.
Targets Tajikistan: New Macro Word Documents Phishing Tactics