Security News > 2021 > October > Groove ransomware calls on all extortion gangs to attack US interests

The Groove ransomware gang is calling on other extortion groups to attack US interests after law enforcement took down REvil's infrastructure last week.

Yesterday, Reuters reported that REvil's takedown resulted from an international law enforcement operation that included support from the FBI. Today, the Groove ransomware gang published a Russian blog post calling on all other ransomware operations to target US interests.

The blog post also warns ransomware operations not to target Chinese companies, as the gangs would need to use the country as a safe haven if Russia takes a stronger stance on cybercrime operating inside its country.

A later post indicates that the threat actor is likely starting a new ransomware operation as he began actively pursuing the purchase of network access to US hospitals and government agencies, as shown in the forum post below.

Today's announcement from Groove Ransomware correlates with the Orange's forum posts, indicating that targeting of all USA interests has been planned for some time, with the REvil law enforcement operation being the catalyst for Groove's announcement.

It is unclear if 'Orange' will be performing these attacks on USA organizations under the Groove operation or launching a new ransomware operation.

News URL

https://www.bleepingcomputer.com/news/security/groove-ransomware-calls-on-all-extortion-gangs-to-attack-us-interests/