Cyber security firm Group-IB has uncovered a new Russian-speaking hackers group called RedCurl. The cyber gang has been targeting global companies for the past three years to steal and leak documents that contain commercial secrets and employee personal data.
Group-IB which has been tracking the group since 2019 said, it has identified 26 other RedCurl attacks that were carried out against 14 organizations across Canada, Germany, Norway, Ukraine, Russia and the U.K. The group hackers did not use complex tools or hacking techniques for their attacks and instead relied on spear-phishing for initial access.
Similar to other hacking groups like CloudAtlas and RedOctober, RedCurl also used the WebDAV protocol as a data exfiltration channel.