Blog

Groove’s Mission to ‘Manipulate the Western Media Through a Ransomware Blog’

On October 22, the Groove ransomware collective called on its “business brothers” to “stop competing, unite and begin to destroy the US public sector.” Shortly thereafter, the threat actor behind Groove Ransomware, whose alias is “boriselcin” or “Orange,” released a statement in which they highlighted the “hoax” behind the Groove ransomware: It was never about holding organizations ransom; it was a social engineering experiment.

November 2, 2021