216.73.217.80

Blind Eagle: ...And Justice for All

· Published 10/04/2025 18:50 · Modified 10/04/2025 20:12

Export JSON

Essential information

Published
10/04/2025 18:50
Modified
10/04/2025 20:12
Tags
2025-04-10 CVE-2024-43451 apt-c-36 colombia government heartcrypt phishing purecrypter remcos remcos rat webdav
Related entities
1 intrusion sets (apt), 9 techniques (mitre), 2 malware, 4 others

Description

Check Point Research uncovered ongoing campaigns by Blind Eagle () targeting Colombian institutions since November 2024. The group utilized malicious .url files, similar to , to deliver -packed malware and . Campaigns infected over 1,600 victims in a single instance. Blind Eagle exploited legitimate platforms like Google Drive and GitHub for distribution. The group's rapid adaptation to new vulnerabilities and use of underground tools highlight its sophistication. Operating in UTC-5 timezone suggests South American origin. An operational failure revealed past activities targeting Colombian banks, compromising over 8,000 entries of personal data.

External references