Summary: The threat actor Blind Eagle, also known as AguilaCiega, has been actively targeting Colombian institutions since November 2024, utilizing sophisticated social engineering tactics and malware delivery methods. Recent campaigns led to over 1,600 infections, leveraging vulnerabilities and exploiting file-sharing platforms to evade security measures. Findings also revealed the actor's operations through a GitHub repository that inadvertently exposed sensitive credentials of numerous victims.
Affected: Colombian government and private institutions
Keypoints:
- The campaigns, ongoing since November 2024, focus on Colombian judicial institutions, and infection rates are notably high.
- Blind Eagle employs spear-phishing emails and utilizes malware such as Remcos RAT and variants of PureCrypter to gain system access.
- An operational error led to the exposure of sensitive account information of 1,634 individuals in a deleted GitHub repository.
Source: https://thehackernews.com/2025/03/blind-eagle-hacks-colombian.html