Despite claiming they were retiring, GandCrab s authors have been linked to the REvil/Sodinokibi ransomware via a technical analysis. The malware that hit 22 Texas municipalities and various dentist offices recently is likely the work of the crew behind the Gandcrab ransomware. Researchers from Secureworks Counter Threat Unit (CTU) researchers said that the group, which it calls Gold Garden, merely moved onto a different ransomware. The string decoding functions employed by REvil are nearly identical to those employed by GandCrabs.
Source: https://threatpost.com/gandcrab-operators-resurface-revile-malware/148631/