Blindeagle targets colombian government agency with caminho and dcrat

Intel Name: Blindeagle targets colombian government agency with caminho and dcrat

Date of Scan: December 19, 2025

Impact: High

Summary:
BlindEagle launched a spear-phishing campaign targeting a Colombian government agency under the Ministry of Commerce, Industry and Tourism (MCIT), using emails sent from a compromised internal account to bypass security controls. The attack leveraged fake web portals, layered JavaScript and PowerShell, steganography, and the Caminho downloader to ultimately deploy DCRAT, reflecting an evolution toward more complex, multi-stage attack chains.

More Details