First description of TTPs and infrastructure of the new threat actor
Detailed kill chain based on unique incident response data
Possible connections with Red October and Cloud Atlas campaigns
For RedCurl, it makes no difference whether to attack a consulting company in Canada or a Russian bank, because the contents of the victim’s documents and records can be much more valuable than the contents of their own wallets: the consequences of espionage can amount to tens of millions of dollars, despite the lack of direct financial losses.
RedCurl implements various techniques to stay undetected for months. The lack of indicators and technical data about the group makes it easier for the threat actor to remain active. We continue to track new attacks worldwide and therefore included IoCs in the report, which organizations can use to check their networks for signs of RedCurl infections.
The head of Malware Dynamic Analysis Team at Group-IB
Group-IB’s security ecosystem provides comprehensive protection for your IT infrastructure based on our unique cyber intelligence and deep analysis of attacks and incident response.
Actionable, finished intelligence to track actors and prevent attacks before they happen
Comprehensive solution to protect corporate network, hunt for threats and respond to even the most complex cyber attacks
Client-side digital identity protection and fraud prevention in real time
AI-driven online platform for external digital risk identification and mitigation
The well-known complete guide to the latest tactics, techniques, and procedures of ransomware operators based on MITRE ATT&CK®