Galactic Ocelot

Colombia

Details

GALACTIC OCELOT is a targeted intrusion adversary active since at least 2010 with a nexus to the Colombian government. Over this period, this adversary has primarily relied on a single custom Python-based malware tool, Ragua (a.k.a. Machete), that they have iterated across operations while maintaining the malware’s core information-stealing functionality. Most recently, the malware has evolved to ...

Community Identifiers

yfdCaMoZFl1r57b

Objective

  • AZUmvfbhSaJkYxndIGODQzT

Motivation

  • qEH6TjBXv90PLDf

Contact our team about
IOCs for this adversary

?

During a cybersecurity incident, indicators of compromise (IoC) are clues and evidence of a data breach.