Threat Intelligence Tarot
cups · 14
Venezuela / Latin America (suspected state-linked)
G0095 ★★★★★
risk 3/5
✦ The Latin Blade ✦
Machete
El Machete
Ecuador military · Colombia military · Nicaragua government · Venezuela political opponents
Active since ~2010 · Venezuelan foreign policy intelligence, Latin American military espionage, Regional political surveillance
The Latin Blade has cut through Latin American military networks for over a decade - Ecuador's armed forces, Colombia's defense ministry, Nicaragua's government. It is quiet, persistent, and focused on the intelligence needs of its sponsor. It has never made international headlines. That is the point.
Tactics & Techniques
RCN · RDV · INI · EXC · PRS · PRV · EVA · CRD · DSC · LAT · COL · C2 · EXF · IMP
Notable Operations
- Ecuadorian military targeting - sensitive military documents exfiltrated
- Decade of operations across Latin American armed forces
- Spanish-language lures themed around regional political events
- Custom Python-based implant with keylogging and screen capture
Defenses
- Endpoint protection with behavioral monitoring for Python-based implants (NIST CSF: DE.CM)
- Email security with Spanish-language document analysis (CIS Control 9)
- Military network segmentation and access controls (CIS Control 12)
- Screen capture and keylogger detection capabilities (NIST CSF: DE.CM)
Reversed: Their Weakness
Machete's long operational lifespan without significant disruption reflects the low level of cybersecurity investment across many Latin American military organizations - defenders who lack visibility into their own networks cannot find what is hiding in them.
Data sourced from MITRE ATT&CK. For educational purposes.