Security News > 2020 > August > Corporate Espionage Group 'RedCurl' Launching Targeted Attacks Since 2018
Group-IB security researchers have identified an advanced persistent threat group that has launched at least 26 targeted attacks since 2018.
Presumably Russian-speaking, the group targeted victims in Canada, Germany, Norway, Russia, Ukraine, and the United Kingdom.
RedCurl appears interested in stealing files containing either commercial secrets or personal information of employees, which suggests the group might have been commissioned for the purpose of corporate espionage, Group-IB says.
The group would remain in the victim's network for long periods of time, ranging between two and six months.
"As an element of unfair competition, corporate espionage is a relatively rare phenomenon in the APT world," said Rustam Mirkasymov, the head of the Malware Dynamic Analysis Team at Group-IB. "The contents of the victim's documents and records can be much more valuable than the contents of their own wallets. Despite the lack of direct financial damage, which is typical of financially motivated cybercriminal groups, the consequences of espionage can amount to tens of millions of dollars."