Groove VS Babuk; Groove Ransom Manifesto & RAMP Underground Platform Secret
I’m not sure if you need to be a threat analyst, a drama critic, or a bit of both these days. But Yelisey Boguslavskiy & Anastasia Sentsova of AdvIntel dive into some of the recent goings-on:
On September 7, 2021, a representative of the newly-formed Groove ransomware syndicate decided to share their insights and their perspective on the inner aspects of the ransomware business.
Groove ransomware was announced by a former Babuk operator and a founder of the underground forum RAMP. The Groove data leak website currently has one victim, a manufacturing company based in Germany, whose exfiltrated data was published on August 27, 2021.
The Groove representative primarily focused on discussing the inner relationships within the ransomware community.
“Hello! Lately, some of the researchers on “Twitter” began dumping tons of flawed information (about ransomware). As a direct participant of recent events, I want to bring clarity as some to make sure that the truth is presented to future generations.”
I doubt anyone would view their subsequent statements as providing clarity, but AdvIntel’s analysis and commentary are helpful.