Groove Ransomware Gang Tries New Tactic to Attract Affiliates

Dark Reading -

In the seemingly never-ending lineup of new entrants to the ransomware space is “Groove,” a criminal outfit that a trio of security vendors this week described as bringing a new approach to profiting from compromised networks.

In one of its first acts, the threat group publicly leaked for free a set of nearly 500,000 user names and credentials associated with some 87,000 Fortinet FortiGate SSL-VPN devices. Researchers from McAfee, one of the three vendors that reported on the new operation — the other two are Coveware and Intel417 — described the act as likely designed to attract the attention of other cybercriminals to the new Groove operation.

“We believe that Groove has done this to empower other threat actors and aspiring cybercriminals to step into the scene,” says John Fokker, principal engineer and head of cyber investigations for the McAfee Enterprise Advanced Threat Research team. “The VPN credentials can offer an

The post Groove Ransomware Gang Tries New Tactic to Attract Affiliates first appeared on Dark Reading.

Read More.....