Singapore-based cybersecurity company Group-IB describes key changes in the spectrum of high-tech threats recorded since the second half of 2018 and the first half of 2019. RedCurl, a new adversary, is highly capable and difficult to detect, says Group. The threat actor relies on a custom trojan for its malicious actions and focuses first on stealing important documentation from the victim and then installs XMRIG miners for Monero cryptocurrency on the infrastructure. It is unclear if RedCURL is a cybercriminal group or a state-sponsored one, but researchers are trying to establish its affiliation by looking at tools, techniques, and practices.
Source: https://www.bleepingcomputer.com/news/security/advanced-hacking-groups-keep-showing-up-old-ones-evolve/