AeroBlade  (Back to overview)

AeroBlade is a previously unknown threat actor that has been targeting an aerospace organization in the United States. Their objective appears to be conducting commercial and competitive cyber espionage. They employ spear-phishing as a delivery mechanism, using weaponized documents with embedded remote template injection techniques and malicious VBA macro code. The attacks have been ongoing since September 2022, with multiple phases identified in the attack chain. The origin and precise objective of AeroBlade remain unknown.

Associated Families

There are currently no families associated with this actor.

2023-11-30BlackberryBlackBerry Research & Intelligence Team, Dmitry Bestuzhev
AeroBlade on the Hunt Targeting the U.S. Aerospace Industry

Credits: MISP Project