"Blind Eagle Hackers Return with Refined Tools and Sophisticated Infection Chain"

Blind Eagle, a financially driven threat actor, has reemerged with a sophisticated toolkit and a complex infection chain as part of its attacks against Colombian and Ecuadoran organizations. Check Point's latest research provides new insights into the tactics, techniques, and procedures (TTPs) of the Spanish-speaking gang, including the use of sophisticated tools and government-themed tricks to activate the kill chain. Blind Eagle, also known as APT-C-36, is noted for its limited geographic focus and indiscriminate attacks targeting South American countries since at least 2018. Trend Micro documented Blind Eagle's activity in September 2021, uncovering a spear-phishing campaign that spread BitRAT, a commodity malware, mostly to Colombian businesses, with a minor focus on Ecuador, Spain, and Panama. This article continues to discuss new findings surrounding Blind Eagle's tools and infection chain.

THN reports "Blind Eagle Hackers Return with Refined Tools and Sophisticated Infection Chain"

Submitted by Anonymous on