ICIC
SA

BlindEagle

Medium ConfidenceMedium Threat

APT-C-36 • AguilaCiega

Blind Eagle, also known as APT-C-36, is a South American threat actor that has been active since at least 2018, primarily targeting government, financial, and energy sectors in Colombia and Ecuador. The group uses sophisticated spear-phishing campaigns with themes related to government notifications, legal matters, and banking. Blind Eagle's operations focus on espionage and financial theft within the Latin American region.

Origin: South America
Sponsor: Unknown
Active: 2018 - Present
Victims: 100+ organizations
Advanced
Active
EspionageFinancial Gain
Risk Assessment
56
Composite Risk Score
Medium Risk
ARCS Compliance60
Escalation Risk58
Grievance Index55
Infrastructure Impact52
History & Evolution

Blind Eagle, also known as APT-C-36, is a South American threat actor that has been active since at least 2018, primarily targeting government, financial, and energy sectors in Colombia and Ecuador. The group uses sophisticated spear-phishing campaigns with themes related to government notifications, legal matters, and banking. Blind Eagle's operations focus on espionage and financial theft within the Latin American region.

Targeting

Target Sectors

GovernmentFinancial ServicesEnergyInsurance

Target Regions

ColombiaEcuadorSouth America
Attribution & Affiliations

Attributed to Unknown (South America). Attribution confidence: Medium.

Intelligence Assessment
Medium
Threat Level
Moderately
Targeting
Moderately
Adaptability
Medium
Persistence
Continuous
Op Tempo
Active
Status

Future Outlook

BlindEagle is expected to continue operations targeting Government sectors.

Timeline of Key Events
2018
Major

First observed activity of BlindEagle

2024
Moderate

Continued active operations