Russia-Aligned TAG-70 Targets European Government and Military Mail Servers in New Espionage Campaign
Common Information
Type Value
UUID 52896318-4a4d-4896-ac55-c2b6a8676952
Fingerprint 1d2c23d8c507da3ea3a4595ce94122b2a2df3de2cdcaff391c51da7bce0ec68d
Analysis status DONE
Considered CTI value 2
Text language
Published Feb. 15, 2024, 2:38 p.m.
Added to db March 11, 2024, 7:01 p.m.
Last updated Aug. 31, 2024, 5:38 a.m.
Headline Russia-Aligned TAG-70 Targets European Government and Military Mail Servers in New Espionage Campaign
Title Russia-Aligned TAG-70 Targets European Government and Military Mail Servers in New Espionage Campaign
Detected Hints/Tags/Attributes 130/3/33
Attributes
Details Type #Events CTI Value
Details Autonomous System Number 14
AS9009
Details CERT Ukraine 32
UAC-0114
Details CVE 176
cve-2023-23397
Details CVE 34
cve-2022-27926
Details CVE 32
cve-2023-5631
Details MITRE ATT&CK Techniques 409
T1566
Details MITRE ATT&CK Techniques 245
T1203
Details MITRE ATT&CK Techniques 306
T1078
Details MITRE ATT&CK Techniques 44
T1212
Details MITRE ATT&CK Techniques 152
T1056
Details MITRE ATT&CK Techniques 585
T1083
Details MITRE ATT&CK Techniques 89
T1114
Details MITRE ATT&CK Techniques 115
T1571
Details Threat Actor Identifier - APT 783
APT28
Details Threat Actor Identifier - APT 665
APT29
Details Threat Actor Identifier by Recorded Future 11
TAG-70