ESentire Uncovers EarthKapre/RedCurl Attack Targeting Law Firms

eSentire’s Threat Response Unit (TRU) uncovered a cyber espionage campaign targeting law firms. The attack, leveraging a legitimate Adobe executable, sideloaded the EarthKapre/RedCurl loader, highlighting the group’s focus on corporate espionage. eSentire recommends employee awareness training, endpoint protection, and threat intelligence to mitigate similar attacks.