Blind Eagle Strikes Again: Cyber Menace Targets Colombian Government with Five Sneaky Clusters!
Blind Eagle, a persistent threat actor, has been busy targeting Colombia’s government. Recorded Future has identified five activity clusters from May 2024 to July 2025, using spear-phishing and remote access trojans to attack various sectors. Is it cyber espionage or just a financial shakedown? Either way, Colombia’s getting all the unfriendly love.
Hot Take:
Move over, Bond villains—Blind Eagle is taking the espionage game to a whole new level with their cyber shenanigans. With a name like that, you’d expect them to have a sharp eye, but their tactics are as subtle as a high school hacker on Red Bull. Still, it seems they get the job done, targeting everything from banks to governments. If only they’d use their powers for good, like figuring out how to get your mom to stop sending you phishing emails disguised as cute cat videos.
Key Points:
- Blind Eagle, aka TAG-144, has been on a hacking spree, targeting Colombian government entities and various sectors in South America.
- The group uses spear-phishing techniques and cracked remote access trojans (RATs) like Lime RAT, DCRat, AsyncRAT, and Remcos RAT.
- They exploit legitimate internet services for staging, making it tricky to detect their malicious activities.
- Five distinct activity clusters have been identified, each with unique targets and methods.
- Their persistent focus on Colombia raises suspicions about their true motivations—financial gain or state-sponsored espionage?