Add a new glide_list field to the application and/or module table(s) (ex: u_group_access).

Create before query Business rule(s) against the table(s):

Conditions (this is assuming you only want this to apply to users who have no roles and are only members of groups:

!gs.getUser().hasRoles() && !gs.hasRole('admin')

Script:

qry = 'u_group_accessISEMPTY^ORu_group_accessLIKEjavascript:getMyGroups()';

current.addEncodedQuery(qry);

I have only been able to do this by role, in the Visibility section of the Module (via System Definition>Modules), so although this doesn't really answer the question you have, the only way to limit access to a module is by Role.

If you can add a role to the group, as previously suggested by Jesus Villanueva, and then add that role to the group in question, only the users in that group (who are therefore the only people with that particular role) will be able to see the module in the menu.

Additional thought on the chargeable situation with customised roles:

If these users are already in a group, then they will already have some roles, and be consuming a licence, so there should not be any additional charge for adding a new role to the group. - Although it would be best to check this with your Account Manager in order to be certain.