Turla APT Targets Albania With Backdoor in Ongoing Campaign to Breach European Organizations

ID: 3a28d560-1224-5f96-b989-f4db74b311b2

STIX ID: report--3a28d560-1224-5f96-b989-f4db74b311b2

Feed Name: EclecticIQ

Threat Score: 85/100

Date Published: 2024-04-10

Date Updated: 2026-04-27

Author: Aleksander W. Jarosz

...
...

This EclecticIQ research note reports the discovery of a plaintext IP list uploaded from Albania that includes a known TinyTurla-NG command-and-control IP (91.193.18.120), linking the Russia-based Turla APT to regional targeting of Albania and other Baltic/Eastern European organizations. The report presents the file as authentic, lists multiple malicious IPs as indicators of compromise, and contextualizes the activity as part of an espionage-focused campaign against government-linked entities.
