Canadian Cyber Chaos: Gold Blade’s Northern Espionage Escapades

Canadian organizations are in the crosshairs of cyber group STAC6565, a.k.a. RedCurl, infamous for its cyber espionage and ransomware antics. Sophos revealed nearly 40 incidents linked to these digital mischief-makers, who now favor Canadian targets. Their toolbox includes RedLoader and QWCrypt, as they pivot from phishing to more sophisticated strategies.

Hot Take:

Looks like Canada just became the new cyber vacation hotspot for hackers. Who knew the Great White North was so attractive to cybercriminals? Maybe they’re just after some poutine recipes or the secret to perfect maple syrup! But seriously, if cybercriminals are booking flights to Canada, it might be time to upgrade those digital defenses, eh?

Key Points:

  • The cyber campaign, led by STAC6565, has a heavy focus on Canadian organizations, with 80% of attacks targeting them.
  • RedCurl, also known as Gold Blade, has shifted from cyber espionage to hybrid attacks involving ransomware.
  • The threat actor uses phishing emails and job recruitment platforms to deliver malicious payloads.
  • Ransomware attacks are executed using a custom malware strain named QWCrypt.
  • There’s an increase in ransomware attacks targeting hypervisors, as seen with the Akira group.

The Nimble Nerd