Security News > 2021 > October > Groove ransomware calls on all extortion gangs to attack US interests

The Groove ransomware gang is calling on other extortion groups to attack US interests after law enforcement took down REvil's infrastructure last week.
Yesterday, Reuters reported that REvil's takedown resulted from an international law enforcement operation that included support from the FBI. Today, the Groove ransomware gang published a Russian blog post calling on all other ransomware operations to target US interests.
The blog post also warns ransomware operations not to target Chinese companies, as the gangs would need to use the country as a safe haven if Russia takes a stronger stance on cybercrime operating inside its country.
A later post indicates that the threat actor is likely starting a new ransomware operation as he began actively pursuing the purchase of network access to US hospitals and government agencies, as shown in the forum post below.
Today's announcement from Groove Ransomware correlates with the Orange's forum posts, indicating that targeting of all USA interests has been planned for some time, with the REvil law enforcement operation being the catalyst for Groove's announcement.
It is unclear if 'Orange' will be performing these attacks on USA organizations under the Groove operation or launching a new ransomware operation.
News URL
Related news
- Hackers Exploit Paragon Partition Manager Driver Vulnerability in Ransomware Attacks (source)
- Hunters International ransomware claims attack on Tata Technologies (source)
- Toronto Zoo shares update on last year's ransomware attack (source)
- Feds name and charge alleged Silk Typhoon spies behind years of China-on-US attacks (source)
- US seizes domain of Garantex crypto exchange used by ransomware gangs (source)
- Ransomware gang creates tool to automate VPN brute-force attacks (source)
- SANS Institute Warns of Novel Cloud-Native Ransomware Attacks (source)
- ⚡ THN Weekly Recap: Router Hacks, PyPI Attacks, New Ransomware Decryptor, and More (source)
- BlackLock ransomware claims nearly 50 attacks in two months (source)
- TechRepublic EXCLUSIVE: New Ransomware Attacks are Getting More Personal as Hackers ‘Apply Psychological Pressure” (source)