Groove
Groove emerged in mid-2021 as a loose criminal collective linked to former Babuk gang members, known for publicly leaking Fortinet VPN credentials to attract affiliates and calling for attacks on US government and financial targets; the group later claimed its entire operation was a hoax to mislead security researchers.
Victims
13
First Discovered
2021-09-09
victim
Last Discovered
2021-10-30
victim
Inactive Since
4yrs
more than
Avg Delay
N/A
attack→claim
Infostealer
N/A
victims with domain
Countries
0
hit
Known Locations (1)
| Favicon | Title | Type | Available | Last Visit | Server Info | FQDN | |
|---|---|---|---|---|---|---|---|
|
Утечки | Groove | No | 2026-04-28T07:24:00 |
ws3dh6av66sjbxxkjpw5ao3wqzmtejnkzheswm4dz5rrwvular7xvkqd.onion
|
Target
Top 5 Activity Sectors
- Healthcare 2
- Public Sector 1
- Technology 1
- Manufacturing 1
Top 5 Countries
Heatmap
YARA Rules (1)
Victims (13)
