The threat actor known as Blind Eagle has been attributed with high confidence to the use of the Russian bulletproof hosting service Proton66.
Trustwave SpiderLabs, in a report published last week, said it was able to make this connection by pivoting from Proton66-linked digital assets, leading to the discovery of an active threat cluster that leverages Visual Basic Script (VBS) files as its



Source: TheHackerNews
Source Link: https://thehackernews.com/2025/06/blind-eagle-uses-proton66-hosting-for.html