 |
สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์ Electronic Transactions Development Agency |
|
สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์ Electronic Transactions Development Agency |
APT group: Blind Eagle| Names | Blind Eagle (Qihoo 360) APT-C-36 (Qihoo 360) | |
| Country |  Colombia | |
| Motivation | Information theft and espionage | |
| First seen | 2018 | |
| Description | (Qihoo 360) Since April 2018, an APT group (Blind Eagle, APT-C-36) suspected coming from South America carried out continuous targeted attacks against Colombian government institutions as well as important corporations in financial sector, petroleum industry, professional manufacturing, etc. Till this moment, 360 Threat Intelligence Center captured 29 bait documents, 62 Trojan samples and multiple related malicious domains in total. Attackers are targeting Windows platform and aiming at government institutions as well as big companies in Colombia. | |
| Observed | Sectors: Energy, Financial, Government, Healthcare, Manufacturing and large domestic companies and multinational corporation branches. Countries: Colombia, Ecuador, Panama, Spain. | |
| Tools used | AsyncRAT, BitRAT, Imminent Monitor RAT, njRAT, LimeRAT, RemcosRAT, Warzone RAT. | |
| Information | <https://ti.360.net/blog/articles/apt-c-36-continuous-attacks-targeting-colombian-government-institutions-and-corporations-en/> | |
| MITRE ATT&CK | <https://attack.mitre.org/groups/G0099/> | |
Last change to this card: 30 December 2022
|
Digital Service Security Center Follow us on
|
Report incidents |
|
 |
+66 (0)2-123-1227 | |
 |
[email protected] | |