Date: 2023-07-18
Commercial cyberespionage attacks against a major Russian bank and an Australian firm have been conducted by Russian hacking operation RedCurl this year, reports The Record, a news site by cybersecurity firm Recorded Future.
After failing to compromise the Russian bank through phishing emails last November, RedCurl was able to infiltrate one of the bank's contractors in May using the RedCurl.SimpleDownloader tool to access the bank's infrastructure, according to a report from Russian Group-IB offshoot F.A.C.C.T.
Threat actors then leveraged a modified version of the tool with improved defenses against detection in targeting the Australian company last month, said researchers.
RedCurl, which has mostly targeted Russian organizations since its inception in 2018, was also noted to have been undetected for up to six months before proceeding with corporate data exfiltration activities.
"RedCurl remains one of the most interesting Russian-language cybercrime groups, especially the uncommon targeting of both Russian and non-Russian entities," said Russian cybersecurity analyst Ian Litschko in a tweet.
TechCrunch reports that U.S. cloud-based directory services firm JumpCloud had its customers' API keys invalidated earlier this month due to a breach by an unspecified sophisticated state-sponsored threat operation.
Millions of emails intended for members of the U.S. military have been inadvertently sent to Mali-based email accounts for more than a decade as a result of a domain name typo, with misdirected emails reaching 117,000 in January alone, reports The Verge.
Ukraine has been facing a continuous onslaught of attacks against its state services from Russian hacking group Gamaredon, also known as Armageddon, with the country's Computer Emergency Response Team noting the group's targeting of an information infrastructure facility and thousands of government computers, according to The Record, a news site by cybersecurity firm Recorded Future.