The GrandCrab ransomware operators quit the arena, they left an vacuum that others have tried to fill. The operation has gained the respect of fellow cybercriminals as well as security researchers. Both will not do business in Russia, Ukraine, Moldova, Belarus, Kyrgyzstan, Kazakhstan, Tajikistan, Armenia, Turkmenistan or Uzbekistan. Both parties joined in an effort to customize ransomware admin panels so that they didn’t need to be rented from a third-party as a service.”]
Source: https://www.darkreading.com/abtv/malware/two-threat-actors-one-targeted-threat/a/d-id/755043