
BlindEagle flying high in Latin America

| Category | Details |
| --- | --- |
| Threat Actors | BlindEagle (APT-C-36) |
| Campaign Overview | Targeting entities in Latin America (primarily Colombia) with espionage and financial attacks. |
| Target Regions (Or Victims) | Colombia, Ecuador, Chile, Panama, and other Latin American countries. |
| Methodology | Phishing (spear phishing and generalized), geolocation filtering, multi-stage malware deployment, use of publicly available RATs. |
| Product Targeted | Governmental institutions, financial companies, energy and oil & gas sectors. |
| Malware Reference | njRAT, LimeRAT, BitRAT, AsyncRAT, Quasar RAT. |
| Tools Used | Phishing emails, open-source RATs, custom-built droppers, geolocation URL shorteners, steganography. |
| Vulnerabilities Exploited | No specific vulnerabilities mentioned; uses social engineering and publicly available tools. |
| TTPs | Phishing, RAT usage (keylogging, credential stealing), process injection (e.g., process hollowing), DLL sideloading, obfuscation, steganography. |
| Attribution | BlindEagle (APT-C-36), based on targeting and methodology. |
| Recommendations | Enhance phishing defense, monitor unusual geolocation or URL activity, secure webmail and attachments. |
| Source | Securelist by Kaspersky |

Read full article: https://securelist.com/blindeagle-apt/113414/

The above summary has been generated by an AI language model
