GroupIB: RedCurl. The pentest you didn’t know about HD

Group-IB has released a report on the previously unknown APT group RedCurl, which focuses on corporate espionage. In less than three years, RedCurl attacked dozens of targets all over the world — from Russia to Canada. A presumably Russian-speaking group conducts thoroughly planned attacks on private companies across numerous industries using a unique toolset. The attackers seek to steal documents that contain commercial secrets and employee personal data. 

Group-IB’s new research contains the first ever description of RedCurl’s tactics, tools, and infrastructure. The report “RedCurl. The pentest you didn’t know about” includes details about the group’s kill chain discovered by Group-IB’s DFIR specialists, as well as unique data that Group-IB collected during incident response engagements related to campaigns attributed to RedCurl.Download the report at