Skip to content
SparTech Software SparTech Software

Your Protection, Our Mission since 1987

  • Services
    • Service Offerings
    • Security Services Request
  • News
    • Cybersecurity News
    • CyberPulse Updates
  • Knowledge
    • AI/Machine Learning
    • Cybersecurity Defense
    • Encryption
    • Reconnaissance
    • Scanning and Analysis
    • Exploitation
  • Resources
    • 3rd Party News Feeds
    • Analysis
    • Cheat Sheets and Checklists
    • Glossary
    • Honeypot Stats CURRENT
    • Labs and Lessons
    • Ransomware Live Feed
    • References
  • Facebook
  • Bluesky
  • Instagram
  • Pinterest
  • Threads
  • LinkedIn
  • Twitter
Requests

RedLoader

Home - RedLoader

Sophos Investigates Evolving GOLD BLADE “RedLoader” Attack Chain
Posted inCybersecurity News

Sophos Investigates Evolving GOLD BLADE “RedLoader” Attack Chain

Cybersecurity researchers at Sophos are closely tracking a sophisticated new infection chain developed by the financially motivated cybercriminal group known as GOLD BLADE, also referred to in the threat landscape as RedCurl, Red Wolf, and Earth Kapre. GOLD BLADE has a known history of orchestrating commercial espionage campaigns since at least 2018.
Posted by Spartech Software July 29, 2025

Latest Posts

  • SparTech Software CyberPulse – Your quick strike cyber update for September 23, 2025 4:05 PM
  • SparTech Software CyberPulse – Your quick strike cyber update for September 23, 2025 10:42 AM
  • SparTech Software CyberPulse – Your quick strike cyber update for September 23, 2025 5:02 AM
  • SparTech Software CyberPulse – Your quick strike cyber update for September 22, 2025 4:05 PM
  • SparTech Software CyberPulse – Your quick strike cyber update for September 22, 2025 10:41 AM

Ransomware Live

  • 🏴‍☠️ Incransom has just published a new victim : TLD Law.com
  • 🏴‍☠️ Rhysida has just published a new victim : The Maryland Department of Transportation
  • 🏴‍☠️ Qilin has just published a new victim : www.apm-finance.de
  • 🏴‍☠️ Qilin has just published a new victim : www.meduane-habitat.fr
  • 🏴‍☠️ Qilin has just published a new victim : www.cr-installers.com
  • 🏴‍☠️ Qilin has just published a new victim : www.chinup.com.tw
  • 🏴‍☠️ J has just published a new victim : FAI Aviation Group (fai.ag) - The biggest leak ever
  • 🏴‍☠️ Kairos has just published a new victim : www.milkagro.sk/Slovakia/335GB
  • 🏴‍☠️ Worldleaks has just published a new victim : Pyramid Global Hospitality
  • 🏴‍☠️ Worldleaks has just published a new victim : Washington Prime Group Inc

Threat Level

High

Attack Statistics

United States ~59% of ransomware attacks globally
Thousands per year
Poland 1,000+ per week
Russia Highest cybercrime threat level
China Thousands per year
India 115% surge in attacks Q2 2024
Ukraine Significant surge since 2022
Brazil Among top countries for blocked attacks
Mexico 65% of businesses hit in 2024
Germany High targeted rate (EU)
France High targeted rate (EU)

Top attacking AS/N

AS NameASN
Bharat Sanchar Nigam Ltd9829
No.31,Jin-rong Street4134
CHINA UNICOM China169 Backbone4837
DigitalOcean, LLC14061
HUAWEI INTERNATIONAL PTE. LTD.136907
Amazon.com, Inc.14618
Alibaba (US) Technology Co., Ltd.45102
Google LLC396982
Amazon.com, Inc.16509
3xK Tech GmbH200373

Top attacking IP addresses

IP AddressNotable Exploits/Context
104.238.159.149SharePoint zero-day, broad exploitation
107.191.58.76SharePoint zero-day, government targets
96.9.125.147SharePoint, previously Ivanti exploits
139.162.47.194Exploits on CitrixBleed 2
38.180.148.215CitrixBleed 2 campaigns
185.224.128.17High activity, Netherlands
89.248.163.200High activity, Netherlands
15.235.218.150Associated with APT, active C2
45.9.148.114Associated with C2, malicious netflow
91.107.150.184C2 infrastructure, recent IoC

Visit our Friends

  • Bible Blender
  • Geek Slop
  • Pick Pony

About SparTech Software

  • Read about SparTech Software's cybersecurity services
  • Cybersecurity services request
  • Privacy Policy

Social Media

  • Facebook
  • Bluesky
  • Instagram
  • Pinterest
  • Threads
  • LinkedIn
  • Twitter

Contact Us

2345 Charles Ave
Burleson, TX 76028
Contact Us Form

Copyright 2025 — SparTech Software. All rights reserved.
Scroll to Top
×