Tengu, a threat actor, has claimed to have targeted Grupo Roa, a Mexican construction and infrastructure company, as part of their ransomware campaign. The attack has impacted Colombia.
Incident Details
- Victim: Grupo Roa
- Sector: Agriculture and Food Production
- Country: CO
- Actor: tengu
- Source: http://longcc4fqrfcqt5lzceutylaxir6h66fp6df3oin6mvwvz6pfdbxc6qd.onion/blog/c080d02876ae0fd24190edd17c6140ca44b1626050eb86fab1a0a277a116bf3b/
- Discovered: 2026-01-16 12:12:08.490548
- Published: 2026-01-16 12:11:49.596604
Information
- Grupo Roa is a Mexican group of companies involved in construction and infrastructure.
- Founded on March 30, 1995.
- Operates in the southeastern region of Mexico.
- Recently targeted by ransomware attackers.
- The threat actor responsible is Tengu.
Disclaimer: This post is based on public claims made by the ransomware group "tengu". I cannot confirm the accuracy of the information. However, I would be happy to share any official statement from the affected organization to provide clarification.