Ransomware Group intelligence

Groove

Inactive

Track Groove with 13 published victims and 1 known leak locations in a single intelligence view.

Victims 13 Known published victims in this dataset

First discovered 2021-09-09 Earliest victim discovery date

Last discovered 2021-10-30 Latest victim discovery date

Inactive since 1638 days Days since the latest known victim

Known locations 1 Leak or negotiation infrastructure tracked

Groove is tracked by Breach House as a ransomware group with 13 published victims.

The group is tracked across multiple victim records in the Breach House dataset.

1 known leak locations are currently associated with this group.

Top Countries

Distribution

Label	Type	Availability	Links
Leak location 1	Onion service	Unknown	`ws3dh6av66sjbxxkjpw5ao3wqzmtejnkzheswm4dz5rrwvular7xvkqd.onion`

No sector intelligence available.

Ransom Notes (0)

▼

No ransom notes available for this group.

Tools Used

▼

No tools used available.

YARA Rules (0)

▼

No YARA rules available.

Indicators of Compromise (0)

▼

No IoCs available for this group.

Negotiation Chats (0)

▼

No negotiation chats available.

No external research sources linked yet.

Type	Target	Discovered	Business Category	Intel Link
Ransomware	Я не пью виски но с ним бы выпил id1749 View details	2021-10-30	Other	—
No additional victim description available. ID 1749
Ransomware	episcopalretirement.com Возможна утечка id1687 View details	2021-10-23	Other	—
No additional victim description available. ID 1687
Ransomware	Про русских в США id1685 View details	2021-10-23	Other	—
No additional victim description available. ID 1685
Ransomware	therecord.media 30k USD id1684 View details	2021-10-23	Communication / Marketing	—
No additional victim description available. ID 1684
Ransomware	hagerstownpd.org id1677 View details	2021-10-22	Other	—
No additional victim description available. ID 1677
Ransomware	trivalleypc.com id1673 View details	2021-10-22	Other	—
No additional victim description available. ID 1673
Ransomware	robinwoodortho.com id1367 View details	2021-09-13	Other	—
No additional victim description available. ID 1367
Ransomware	Одно интервью id1256 View details	2021-09-10	Other	—
No additional victim description available. ID 1256
Ransomware	Украина и экстрадиции в США id1255 View details	2021-09-10	Other	—
No additional victim description available. ID 1255
Ransomware	ludofact.de 50 GB data stolen id1240 View details	2021-09-09	Other	—
No additional victim description available. ID 1240
Ransomware	Мысли о смысле id1239 View details	2021-09-09	Other	—
No additional victim description available. ID 1239
Ransomware	Запатченные fortinet точки входа id1238 View details	2021-09-09	Other	—
No additional victim description available. ID 1238
Ransomware	Мы можем просто договориться id1237 View details	2021-09-09	Other	—
No additional victim description available. ID 1237

Groove

Overview

Top Countries

Known Leak Locations (1)

Top Activity Sectors

Ransom Notes (0)

Tools Used

YARA Rules (0)

Indicators of Compromise (0)

Negotiation Chats (0)

Research Sources

Victims (13)

Restricted Access