Blind Eagle’s Cyber Circus: 1,600 Victims and Counting!
Blind Eagle, a notorious cyberespionage group, has targeted over 1,600 victims in Colombia with malware, according to Check Point. Known for phishing attacks, they’ve expanded their arsenal, exploiting vulnerabilities like CVE-2024-43451. Despite patches, their cunning tactics have kept them a persistent threat in Latin America.

Hot Take:
***Who needs a Netflix thriller when South American hackers are dishing out a real-life espionage drama? Blind Eagle, the cyber equivalent of a soap opera villain, is back with more twists than a telenovela—and this time, they’ve unleashed a malware fiesta in Colombia. Clearly, Blind Eagle’s got more tricks up their sleeves than a magician at a kids’ birthday party.***

Key Points:
– Blind Eagle, also known as APT-C-36, has been targeting Colombian organizations with a new malware campaign.
– The group uses phishing emails to deliver remote access trojans and other commodity malware.
– They recently exploited a vulnerability, CVE-2024-43451, that Microsoft patched in November 2024.
– More than 1,600 infections were recorded in a single campaign against Colombian organizations.
– The cybercriminals used more than 10 different command-and-control servers and potentially compromised Google Drive accounts.