Machete
Also known as: APT-C-43 · El Machete
Overview
Machete is a suspected Spanish-speaking cyber espionage group that has been active since at least 2010. It has primarily focused its operations within Latin America, with a particular emphasis on Venezuela, but has also operated in the US, Europe, Russia, and parts of Asia. Machete generally targets high-profile organizations such as government institutions, intelligence services, and military units, as well as telecommunications and power companies.
Targets
Government · Military
Regions
Belgium · Brazil · China · Colombia · Cuba · Ecuador · France · Germany · Malaysia · Peru · Russia · Spain · Sweden · United States · Venezuela
TTPs — 11 techniques across 3 tactics
Initial Access
- T1189 Drive-by Compromise
- T1566.001 Spearphishing Attachment
- T1566.002 Spearphishing Link
Execution
- T1053.005 Scheduled Task
- T1059.003 Windows Command Shell
- T1059.005 Visual Basic
- T1059.006 Python
- T1204.001 Malicious Link
- T1204.002 Malicious File
Stealth
- T1036.005 Match Legitimate Resource Name or Location
- T1218.007 Msiexec
Tools & malware (1)
Machete