In a plot twist even James Bond would envy, the notorious threat actor ‘Blind Eagle’ has managed to flawlessly pull off a risky balancing act worthy of a Las Vegas headliner. Their top-secret recipe for cyber mischief includes hefty doses of Russian bulletproof hosting and a sprinkle of Visual Basic Script—because why use modern tools when you can channel the nostalgia of 1996?

It’s not every day you see a cybercriminal group effectively disguise their operations by choosing a hosting service that’s practically screaming ‘we’re up to no good!’ to the entire cybersecurity community. Perhaps next, they’ll consider spilling their plans in a public blog post titled ‘How We Fooled Everyone: A Memoir’—distribution courtesy of Proton66, of course.

As Blind Eagle swoops in with relentless precision on Colombian banks, one might think they’ve mistaken the high-stakes world of cybercrime for a leisure Saturday matinee. Trustwave SpiderLabs has generously offered us front-row seats to this digital circus, where criminals apparently believe that the best way to evade detection is by using a provider known for its flagrantly bulletproof reputation.