Zscaler ThreatLabz documents BlindEagle APT's sophisticated attack on Colombian government infrastructure using steganography, compromised email accounts, and dual malware deployment (Caminho + DCRat). The September 2025 campaign demonstrates evolved tradecraft including Discord CDN abuse and fileless execution chains.

#SecurityLand #ThreatHorizon #Zscaler #BlindEagle #Colombia #Government #Ecuador #APT #RAT #Malware

Read More: https://www.security.land/blindeagle-colombian-government-caminho-dcrat-attack/

🚨 TAG-144 (Blind Eagle) continues ops vs South American gov’ts.
Spearphishing w/ gov’t emails + steganography payloads in images (GitHub/Discord).

Deploys RATs: AsyncRAT, Remcos, LimeRAT, XWorm.

Details: https://www.technadu.com/tag-144-blind-eagle-targets-south-american-governments-in-sustained-campaign/607205/

#CyberSecurity #APT #BlindEagle

Tracing Blind Eagle to Proton66

Trustwave SpiderLabs has assessed that the threat group Blind Eagle, aka APT-C-36, is associated with the Russian bulletproof hosting service provider Proton66.

BlindEagle Targets Colombian Insurance Sector with BlotchyQuasar

BlindEagle is targeting the Colombian insurance sector with a BlotchyQuasar variant. Capabilities include keylogging, monitoring bank services, & stealing information.

#BlindEagle, a financially motivated threat actor also known as #APT-C-36, has launched attacks targeting organizations in Colombia and Ecuador since at least 2018. https://andreafortuna.org/2023/02/28/blind-eagle-has-reappeared-with-a-refined-toolset #cybersecurity

Blind Eagle has reappeared with a refined toolset

Andrea Fortuna

#BlindEagle Deploys Fake #UUE Files and #Fsociety to Target Colombia's Judiciary, Financial, Public, and Law Enforcement Entities
https://blogs.blackberry.com/en/2023/02/blind-eagle-apt-c-36-targets-colombia

#Colombia #espionage

The threat group APT-C-36, also known as Blind Eagle, has been actively targeting organizations in Colombia and Ecuador, including health, financial, law enforcement, immigration, and an agency in charge of peace negotiation in the country.

BlackBerry