Who is really behind the Groove group?

Tomcat

The media and information security companies are beginning to realize that Groove, which threatened devastating attacks on the US public sector, turned out to be fake.

Western media and information security companies seem to be gradually realizing that the sensational “cyber ransomware group” called Groove, which threatened devastating attacks on the US public sector, turned out to be nothing more than a “scam”.

As SecurityLab previously reported, there was only one person hiding behind the Groove name, and no group actually existed. The whole project was conceived by him specifically for the purpose of trolling the Western media. The man admitted on the XSS cybercriminal forum that he planned to write an article on the topic "Media manipulation through a ransom blog", for which he invented Groove.

Below is a brief history of the project, which, according to its author, was more than successful.

Groove's appearance was first announced on August 22, 2021 on the Russian-language cybercriminal forum RAMP. At the time, its administrator, a certain Orange, described the newfound threat as "an aggressive, financially motivated criminal organization that has been engaged in industrial espionage for two years."

According to experts at the information security company McAfee, RAMP is the result of a split in the well-known ransomware group Babuk. In September, the user Groove (according to experts at the information security company Intel471, Groove and Orange are one person) published about 500 thousand Fortinet VPN user credentials on the forum. According to some experts, the purpose of the publication was to attract new partners to Groove, but it looks more like the author was actually trying to attract the attention of information security researchers and journalists.

The Groove blog was deleted last week. Someone using the pseudonym Boriselcin posted on XSS a statement that Groove was invented specifically for media trolling.

"For those who did not understand what was going on: I created a fake Groove Gang and called myself a gang. They swallowed it, I published 500,000 old Fortinet VPN credentials that nobody needed, and they swallowed it. I said I was going to attack the US public sector, and they swallowed it. Only a few journalists realized that this is all just a show, fake, scam! My respect to those who understood this. I don't even know what to do with this blog with tons of traffic now. Maybe sell? Now I just need to start writing an article, but I can't start without first checking everything," said Boriselcin.

Judging by Boriselcin's latest posts, he had been preparing his project for several months. On September 13, he reported that "several topics are brewing," in particular a planned article on media trolling and security researchers.

"It's so funny to read Twitter lately. But so far, the results are great," wrote Boriselcin.

However, not all information security experts believe Boriselcin's statements, writes journalist Brian Krebs. According to Intel471 experts, he really did want to create his own extortion group, but he did not succeed in carrying out his plan.
 