APT-C-36 (Blind Eagle) continues to target Colombia
NetmanageIT OpenCTI - opencti.netmanageit.com
SUMMARY:
APT-C-36, also known as Blind Eagle, is suspected to originate from South America and primarily targets Colombia and other South American countries. Since October 2024, the group has been using more diverse and complex attack methods against Colombian entities. Its tactics involve multi-stage payload delivery and injection, in-memory execution to conceal traces, and anti-debugging techniques. The attack process includes using SVG files as bait, impersonating Colombian government communications, and ultimately deploying the AsyncRAT client for remote control. The group's technical capabilities have notably improved, incorporating techniques like 'Heaven's Gate' to evade analysis.
OPENCTI LABELS:
asyncrat, svg bait, heaven's gate, government impersonation