Security News > 2021 > October > Groove ransomware calls on all extortion gangs to attack US interests
The Groove ransomware gang is calling on other extortion groups to attack US interests after law enforcement took down REvil's infrastructure last week.
Yesterday, Reuters reported that REvil's takedown resulted from an international law enforcement operation that included support from the FBI. Today, the Groove ransomware gang published a Russian blog post calling on all other ransomware operations to target US interests.
The blog post also warns ransomware operations not to target Chinese companies, as the gangs would need to use the country as a safe haven if Russia takes a stronger stance on cybercrime operating inside its country.
A later post indicates that the threat actor is likely starting a new ransomware operation as he began actively pursuing the purchase of network access to US hospitals and government agencies, as shown in the forum post below.
Today's announcement from Groove Ransomware correlates with the Orange's forum posts, indicating that targeting of all USA interests has been planned for some time, with the REvil law enforcement operation being the catalyst for Groove's announcement.
It is unclear if 'Orange' will be performing these attacks on USA organizations under the Groove operation or launching a new ransomware operation.
News URL
Related news
- Iran Cyber Attack: Fox Kitten Facilitates Ransomware in US (source)
- UK health services call-handling vendor faces $7.7M fine over 2022 ransomware attack (source)
- McLaren hospitals disruption linked to INC ransomware attack (source)
- Ransom Cartel, Reveton ransomware owner arrested, charged in US (source)
- US accuses man of being 'elite' ransomware pioneer they've hunted for years (source)
- Six ransomware gangs behind over 50% of 2024 attacks (source)
- CISA warns of Jenkins RCE bug exploited in ransomware attacks (source)
- CISA Warns of Critical Jenkins Vulnerability Exploited in Ransomware Attacks (source)
- Most Ransomware Attacks Occur When Security Staff Are Asleep, Study Finds (source)
- Most ransomware attacks occur between 1 a.m. and 5 a.m. (source)