Blind Eagle’s Banking Trap: Phishing Colombia’s Financial Sector

Amber | Attack Report

A cybercriminal group known as Blind Eagle has been running a crafty phishing campaign across Latin America, targeting users with fake emails that appear to come from trusted banks. These messages trick people into downloading malicious scripts hidden inside innocent-looking files. Once opened, the malware acts as a doorway, giving attackers control over the victim’s computer through remote access tools like Remcos or AsyncRAT. What’s striking is how open and sloppy the infrastructure is: the attackers reused domains, left directories exposed, and used basic obfuscation, proving that even low-effort setups can lead to serious breaches when phishing is done right.
