APT-C-36 Hackers Launching Cyberattacks on Government Entities, Financial Sectors, and Critical Systems

The cyber threat group APT-C-36, widely known as Blind Eagle, has been orchestrating sophisticated cyberattacks targeting a range of sectors across Latin America, with a pronounced focus on Colombian organizations.

This group has consistently zeroed in on government institutions, financial organizations, and critical infrastructure, exploiting vulnerabilities with a blend of technical prowess and social engineering.

Their primary modus operandi involves phishing emails as an initial attack vector, often deploying various Remote Access Trojans (RATs) equipped with mechanisms to obfuscate command-and-control (C2) traffic, making detection a significant challenge for traditional security systems.

Blind Eagle’s Persistent Threat to Latin America

A notable escalation in Blind Eagle’s activities has been observed since November 2024, with a targeted campaign against Colombian entities.

In this operation, threat actors have leveraged phishing emails to distribute malicious URLs that, upon minimal user interaction, trigger the download ...