RedCurl: The awakening

Commercial cyber espionage remains a rare and largely unique phenomenon. We cannot rule out, however, that RedCurl’s success could lead to a new trend in the cybercrime arena.

View report

In this report:

TTPs

Discover the group’s new and updated tools as well as its tactics and infrastructure characteristics mapped to the MITRE ATT&CK® matrix

Kill Chain

Gain insights into a detailed kill chain of the latest attack based on incident response activities and unique data from Group-IB Threat Intelligence & Attribution

IoCs and recommendations

Learn indicators of compromise and a set of mitigations to secure your organization against RedCurl attacks

About the report:

Last year, Group-IB specialists discovered a new Russian-speaking hacker group that they named RedCurl. Between 2018 and 2020, the group carried out 26 attacks for the purposes of corporate espionage and documentation theft. Group-IB identified 14 victim organizations across various industries. Seven months later, in 2021, the attacks resumed. Group-IB’s most recent report details how the adversary’s tactics and tools have changed and reveals the group’s new victims.

About RedCurl
Goal
Corporate espionage and documentation theft
Active
Since 2018
Attack total
30, including 4 attacks since the start of 2021
Dwell time in the victim’s infrastructure
2–6 months
Victims
15

Group-IB investigations into cyber threats, targeted attacks, and hacker groups

Thank you for your interest in our research.

Please fill in the form below and we will send you the Group-IB report. Please make sure to correctly fill in all fields, we will only provide materials on provision of a valid corporate email address.

Thank you for your interest in our research.

Please fill in the form below and we will send you the Group-IB report. Please make sure to correctly fill in all fields, we will only provide materials on provision of a valid corporate email address.

Thank you for your interest in our research.

Please fill in the form below and we will send you the Group-IB report. Please make sure to correctly fill in all fields, we will only provide materials on provision of a valid corporate email address.

Please fill in the form below and we will send you the Group-IB report. Please make sure to correctly fill in all fields, we will only provide materials on provision of a valid corporate email address.

Thank you for your interest in our research.

Please fill in the form below and we will send you the Group-IB report. Please make sure to correctly fill in all fields, we will only provide materials on provision of a valid corporate email address.

Thank you for your interest in our research.

Please fill in the form below and we will send you the Group-IB report. Please make sure to correctly fill in all fields, we will only provide materials on provision of a valid corporate email address.

Thank you for your interest in our research.

Please fill in the form below and we will send you the Group-IB report. Please make sure to correctly fill in all fields, we will only provide materials on provision of a valid corporate email address.

Thank you for your interest in our research.

Please fill in the form below and we will send you the Group-IB report. Please make sure to correctly fill in all fields, we will only provide materials on provision of a valid corporate email address.

Thank you for your interest in our research.

Please fill in the form below and we will send you the Group-IB report. Make sure to correctly fill in all fields, we will only provide materials on provision of a valid corporate email address.

Thank you for your interest in our research.

Please fill in the form below and we will send you the Group-IB report. Please make sure to correctly fill in all fields, we will only provide materials on provision of a valid corporate email address.

Thank you for your interest in our research.

Please fill in the form below and we will send you the Group-IB report. Please make sure to correctly fill in all fields, we will only provide materials on provision of a valid corporate email address.

Thank you for your interest in our research.

Please fill in the form below and we will send you the Group-IB report. Please make sure to correctly fill in all fields, we will only provide materials on provision of a valid corporate email address.

Thank you for your interest in our research.

Please fill in the form below and we will send you the Group-IB report. Please make sure to correctly fill in all fields, we will only provide materials on provision of a valid corporate email address.

Thank you for your interest in our research.

Please fill in the form below and we will send you the Group-IB report. Please make sure to correctly fill in all fields, we will only provide materials on provision of a valid corporate email address.

Thank you for your interest in our research.

Please fill in the form below and we will send you the Group-IB report. Please make sure to correctly fill in all fields, we will only provide materials on provision of a valid corporate email address.

Thank you for your interest in our research.

Please fill in the form below and we will send you the Group-IB report. Please make sure to correctly fill in all fields, we will only provide materials on provision of a valid corporate email address.

Thank you for your interest in our research.

Please fill in the form below and we will send you the Group-IB report. Please make sure to correctly fill in all fields, we will only provide materials on provision of a valid corporate email address.

Download report: RedCurl: «RedCurl: The awakening»

Report an incident

Get 24/7 incident response assistance from our global team

APAC: +65 3159-3798
Europe: +31 20 226-90-90
EMA: +971 4 508 1605

Thank you for the inquiry! We will contact you soon.
Cookies

We use cookies on the website to make your browser experience more personal, convenient and secure. You may block or manage the use of cookies, however, in some cases they’re essential to make this site work properly. Learn more about cookies in Group-IB Privacy And Cookies Policy.

 
All you need to know to #StayCyberSafe