RedCurl Espionage Hackers Return with Better-Equipped Tools

RedCurl, a group of professional hackers specializing in corporate espionage, has returned with new, sophisticated tools.

The new activity was discovered by security researchers from cybersecurity firm Group-IB. According to the researchers, the group spent seven months of inactivity improving its tailored tools and attack methods.

Following a recent attack, researchers discovered that the number of steps the gang takes to carry out a supply chain attack has increased from three-to-four stages to five. To keep their activities from being noticed, the hackers use a sophisticated decoy file from the organization to deceive users when they click on the malicious document.

The group is now using the ‘RedCurl.Extractor’ tool to prepare the final step of the attack, which involves establishing persistence on the system.

Other tools include RedCurl.InitialDropper, which is used in the initial stages of infection to download batch or PowerShell scripts; RedCurl.Downloader (a new tool), an intermediary-stage downloader that collects data about an infected system; RedCurl.Extractor; RedCurl.FSABIN; RedCurl.CHABIN1; and RedCurl.CHABIN2.

For more information, read the original story in Bleeping Computer.