Group-IB researchers have revealed in a recent report the return of RedCurl, a hacker group reportedly engaged in corporate cyber-espionage.
RedCurl APT Group: Background
Group-IB experts discovered this APT group and published a report about it in 2020. It seems that the hacking group started its operations back in 2018, targeting organizations from various industries like finance, consulting, retail, construction, banking, insurance law, and travel in a wave of 26 cyberattacks between 2018 and 2020. The researchers stated that the companies were from Germany, Canada, Norway, Ukraine, the UK, and Russia.
The experts also noted at the time:
In all campaigns, RedCurl’s main goal was to steal confidential corporate documents such as contracts, financial documents, employee personal records, and records of legal actions and facility construction. This could indicate that RedCurl’s attacks might have been commissioned for the purpose of corporate espionage.
RedCurl Makes a Comeback
It seems that after a pause of seven months, RedCurl has returned, employing new tactics, as the researchers detailed in a new report published on the 18th of November.
Ivan Pisarev, Head of the Dynamic Malware Analysis Team at Group-IB, commented on the return of this hacking group, saying that:
Group-IB Threat Intelligence & Attribution