![]() Sometime in the last week, Groove’s darknet blog disappeared. But it seems more likely the credentials were posted to garner the attention of security researchers and journalists. Some security experts said the post of the Fortinet VPN usernames and passwords was aimed at drawing new affiliates to Groove. Fortinet said the credentials were collected from systems that hadn’t yet implemented a patch issued in May 2019. In the first week of September, Groove posted on its darknet blog nearly 500,000 login credentials for customers of Fortinet VPN products, usernames and passwords that could be used to remotely connect to vulnerable systems. “Thus, an affiliation with the BlackMatter gang is likely.” ![]() “ believes, with high confidence, that the Groove gang is a former affiliate or subgroup of the Babuk gang, who are willing to collaborate with other parties, as long as there is financial gain for them,” the report said. The report said RAMP was the product of a dispute between members of the Babuk ransomware gang, and that its members likely had connections to another ransomware group called BlackMatter. “Let’s make it clear that we don’t do anything without a reason, so at the end of the day, it’s us who will benefit most from this contest.”Īccording to a report published by McAfee, Orange launched RAMP to appeal to ransomware-related threat actors who were were ousted from major cybercrime forums for being too toxic, or to cybercriminals who complained of being short-changed or stiffed altogether by different ransomware affiliate programs. “GROOVE is first and foremost an aggressive financially motivated criminal organization dealing in industrial espionage for about two years,” wrote RAMP’s administrator “Orange” in a post asking forum members to compete in a contest for designing a website for the new group. 22 on RAMP, a new and fairly exclusive Russian-language darknet cybercrime forum. 22 post from Groove calling for attacks on the United States government sector. ![]() “An appeal to business brothers!” reads the Oct.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |