APT-C-36 Strikes Again: Blind Eagle Hackers Target Key Industries in Colombia
2023-02-28 10:33

The threat actor known as Blind Eagle has been linked to a new campaign targeting various key industries in Colombia.

Blind Eagle, also known as APT-C-36, was recently covered by Check Point Research, which detailed the adversary's advanced toolset comprising Meterpreter payloads that are delivered via spear-phishing emails.

The latest set of attacks involves the group impersonating the Colombian government tax agency, the National Directorate of Taxes and Customs (DIAN), to phish its targets using lures that urge recipients to settle "Outstanding obligations."

The craftily designed email messages come with a link pointing to a PDF file that's purportedly hosted on DIAN's website, but actually deploys malware on the targeted system, effectively launching the infection chain.

Blind Eagle is suspected to be a Spanish-speaking group owing to the use of the language in its spear-phishing emails.

"The modus operandi used has mostly stayed the same as the group's previous efforts - it is very simple, which may mean that this group is comfortable with its way of launching campaigns via phishing emails, and feels confident in using them because they continue to work," BlackBerry said.


News URL

https://thehackernews.com/2023/02/apt-c-36-strikes-again-blind-eagle.html