Blind Eagle Strikes Again: Colombian Institutions Under Siege by Notorious Cybercriminals
Blind Eagle’s latest campaigns have Colombian institutions on high alert, with over 1,600 victims hit. Known for its targeted APT approach, the group exploits file-sharing platforms to spread malware. Their technical prowess and knack for operational errors make them both formidable and occasionally hilariously clumsy.

Hot Take:
Looks like Blind Eagle has graduated from the School of Hard Hacks with flying colors! With a diploma in deception and a minor in malware, they’re spreading chaos like it’s a new dance craze in South America. Who knew cybercrime had geographical preferences? Watch out, Colombia, this eagle has its sights set on your data!

Key Points:
- Blind Eagle, also known as AguilaCiega, APT-C-36, and APT-Q-98, has been targeting Colombian institutions since at least 2018.
- The group uses social engineering, mainly spear-phishing emails, to deploy remote access trojans.
- They have integrated a variant of the CVE-2024-43451 exploit into their campaigns, even though the patch has already been released.
- Operations reveal that the group works in the UTC-5 timezone, hinting at South American origins.
- They utilize platforms like Bitbucket and GitHub to distribute malware, bypassing traditional security measures.