RedCurl

The pentest you didn’t know about

The APT group continues to successfully attack enterprise companies in North America, Europe, and CIS countries after remaining undetected for years. Their goal is carefully planned, targeted cyber espionage.

Request report

In this report:

TTPs

First description of TTPs and infrastructure of the new threat actor

Kill Chain

Detailed kill chain based on unique incident response data

Attribution

Possible connections with Red October and Cloud Atlas campaigns

For RedCurl it makes no difference whether to attack a consulting company in Canada or a Russian bank. Because the contents of the victim’s documents and records can be much more valuable than the contents of their own wallets: the consequences of espionage can amount to tens of millions of dollars, despite the lack of direct financial losses.

RedCurl implements various techniques to stay undetected for months. The lack of indicators and technical data about the group makes it easier for the threat actor to remain active. We continue to track new attacks worldwide and therefore included IoCs in the report, which organizations can use to check their networks for signs of RedCurl infections.

Rustam Mirkasymov

The head of Malware Dynamic Analysis Team at Group-IB

Group-IB research on targeted attack groups

Thank you for your interest in our research.

Please fill in the form below and we will send you the Group-IB report. Please make sure to correctly fill in all fields, we will only provide materials on provision of a valid corporate email address.

Thank you for your interest in our research.

Please fill in the form below and we will send you the Group-IB report. Please make sure to correctly fill in all fields, we will only provide materials on provision of a valid corporate email address.

Thank you for your interest in our research.

Please fill in the form below and we will send you the Group-IB report. Please make sure to correctly fill in all fields, we will only provide materials on provision of a valid corporate email address.

Thank you for your interest in our research.

Please fill in the form below and we will send you the Group-IB report. Please make sure to correctly fill in all fields, we will only provide materials on provision of a valid corporate email address.

Thank you for your interest in our research.

Please fill in the form below and we will send you the Group-IB report. Please make sure to correctly fill in all fields, we will only provide materials on provision of a valid corporate email address.

Thank you for your interest in our research.

Please fill in the form below and we will send you the Group-IB report. Please make sure to correctly fill in all fields, we will only provide materials on provision of a valid corporate email address.

Thank you for your interest in our research.

Please fill in the form below and we will send you the Group-IB report. Please make sure to correctly fill in all fields, we will only provide materials on provision of a valid corporate email address.

Thank you for your interest in our research.

Please fill in the form below and we will send you the Group-IB report. Please make sure to correctly fill in all fields, we will only provide materials on provision of a valid corporate email address.

Thank you for your interest in our research.

Please fill in the form below and we will send you the Group-IB report. Please make sure to correctly fill in all fields, we will only provide materials on provision of a valid corporate email address.

Thank you for your interest in our research.

Please fill in the form below and we will send you the Group-IB report. Please make sure to correctly fill in all fields, we will only provide materials on provision of a valid corporate email address.

Thank you for your interest in our research.

Please fill in the form below and we will send you the Group-IB report. Please make sure to correctly fill in all fields, we will only provide materials on provision of a valid corporate email address.

Thank you for your interest in our research.

Please fill in the form below and we will send you the Group-IB report. Make sure to correctly fill in all fields, we will only provide materials on provision of a valid corporate email address.

Thank you for your interest in our research.

Please fill in the form below and we will send you the Group-IB report. Please make sure to correctly fill in all fields, we will only provide materials on provision of a valid corporate email address.

Thank you for your interest in our research.

Please fill in the form below and we will send you the Group-IB report. Please make sure to correctly fill in all fields, we will only provide materials on provision of a valid corporate email address.

Thank you for your interest in our research.

Please fill in the form below and we will send you the Group-IB report. Please make sure to correctly fill in all fields, we will only provide materials on provision of a valid corporate email address.

Download report: "RedCurl. The pentest you didn’t know about"

Report an incident

24/7 Incident Response Assistance +65 3159-4398

Thank you for the inquiry! We will contact you soon.
Cookies

We use cookies on the website to make your browser experience more personal, convenient and secure. You may block or manage the use of cookies, however, in some cases they’re essential to make this site work properly. Learn more about cookies in Group-IB Privacy And Cookies Policy.

 
All you need to know to #StayCyberSafe