| SYMBOL | COMMON_NAME | aka. SYNONYMS |
El Machete is one of these threats that was first publicly disclosed and named by Kaspersky here. We’ve found that this group has continued to operate successfully, predominantly in Latin America, since 2014. All attackers simply moved to new C2 infrastructure, based largely around dynamic DNS domains, in addition to making minimal changes to the malware in order to evade signature-based detection.
| 2023-10-12
⋅
YouTube (FIRST)
⋅
"Compromising the Keys to the Kingdom" - Exfiltrating Data to Own and Operate the Exploited Systems Loki RAT SystemBC |
| 2023-09-12
⋅
FIRSTCON
⋅
Compromising the Keys to the Kingdom: Exfiltrating Data to Own and Operate the Exploited Systems (Slides) Loki RAT SystemBC |
| 2022-03-31
⋅
State-sponsored Attack Groups Capitalise on Russia-Ukraine War for Cyber Espionage Loki RAT El Machete APT Backdoor Dropper Lyceum .NET DNS Backdoor Lyceum .NET TCP Backdoor Lyceum Golang HTTP Backdoor |
| 2020-09-25
⋅
360 Total Security
⋅
APT-C-43 steals Venezuelan military secrets to provide intelligence support for the reactionaries - HpReact campaign PyArk El Machete |
| 2019-09-13
⋅
MITRE
⋅
Machete El Machete |
| 2019-01-01
⋅
Council on Foreign Relations
⋅
Machete El Machete |
| 2017-03-22
⋅
Cylance
⋅
El Machete's Malware Attacks Cut Through LATAM El Machete |
| 2017-03-22
⋅
Cylance
⋅
El Machete's Malware Attacks Cut Through LATAM Machete El Machete |
| 2014-08-20
⋅
Kaspersky Labs
⋅
“El Machete” Machete El Machete |