RedCurl Shifts from Espionage to Ransomware with First-Ever QWCrypt Deployment

Updated on March 26, 2025

The Russian-speaking hacking group called RedCurl has been linked to a ransomware campaign for the first time, marking a departure in the threat actor’s tradecraft.
The activity, observed by Romanian cybersecurity company Bitdefender, involves the deployment of a never-before-seen ransomware strain dubbed QWCrypt.
RedCurl, also called Earth Kapre and Red Wolf, has a history of orchestrating…

Read the rest of the story at Read More

Source: The Hacker News

October 16, 2024 Uncategorized

GitHub Patches Critical Flaw in Enterpri...

February 21, 2025 Uncategorized

Cybercriminals Can Now Clone Any Brand�...

November 14, 2024 Uncategorized

RedCurl Shifts from Espionage to Ransomware with First-Ever QWCrypt Deployment

Related posts

GitHub Patches Critical Flaw in Enterpri...

Cybercriminals Can Now Clone Any Brand�...

Russian Hackers Exploit New NTLM Flaw to...

Leave a Comment Cancel reply

Recent News

Wormable AirPlay Flaws Enable Zero-Click RCE on Apple Devices via Public Wi-Fi

Commvault CVE-2025-34028 Added to CISA KEV After Active Exploitation Confirmed

⚡ Weekly Recap: Nation-State Hacks, Spyware Alerts, Deepfake Malware, Supply Chain Backdoors

Perfection is a Myth. Leverage Isn’t: How Small Teams Can Secure Their Google Workspace

Golden Chickens Deploy TerraStealerV2 to Steal Browser Credentials and Crypto Wallet Data

Malicious Go Modules Deliver Disk-Wiping Linux Malware in Advanced Supply Chain Attack

Iranian Hackers Maintain 2-Year Access to Middle East CNI via VPN Flaws and Malware

U.S. Charges Yemeni Hacker Behind Black Kingdom Ransomware Targeting 1,500 Systems

TikTok Slammed With €530 Million GDPR Fine for Sending E.U. Data to China

How to Automate CVE and Vulnerability Advisory Response with Tines