Cybercriminal Group Blind Eagle Linked to Russian Hosting Service Proton66

The cybercriminal group known as Blind Eagle has been identified with high confidence as a user of the Russian hosting service Proton66. According to a report published last week by Trustwave SpiderLabs, this connection was established by pivoting from digital assets linked to Proton66, leading to the discovery of an active threat cluster. This cluster uses Visual Basic Script (VBS) files for its attacks. Targets include Colombian banks, where Blind Eagle deploys Remote Access Trojan (RAT) malware.