A Leak Site Used by the Everest Ransomware Gang is Hacked and Defaced
A leak site used by the Everest ransomware gang was hacked and defaced this weekend, TechCrunch has learned.
Defaced with a Message
The leak site, which the ransomware gang uses to publish stolen files to extort its victims into paying a ransom demand, was replaced with a brief text note: “Don’t do crime CRIME IS BAD xoxo from Prague.”
Situation Remains Unclear
The site was still defaced at the time of writing. It’s not clear if the gang also experienced a data breach as a result of the hack.
About the Everest Ransomware Gang
Everest is a prolific Russia-linked ransomware gang that has claimed credit for multiple hacks and data breaches since its inception in 2020, including the theft of more than 420,000 customers’ data from cannabis retail chain Stiizy. The U.S. government has also attributed several hacks to Everest, including breaches at the U.S. space agency NASA and the Brazilian government.
Ransomware Trends
Ransomware (and extortion) attacks are on the rise, but recent data shows that the number of victim payments to hackers dropped overall during 2024 as more businesses refused to pay hefty ransoms.
Law Enforcement Operations
While law enforcement operations have targeted and disrupted some ransomware gangs in recent years, including the LockBit and Radar hacking groups, several ransomware gangs have also experienced damaging leaks and sabotage from within.
Conclusion
The hack and defacement of the Everest ransomware gang’s leak site serves as a reminder of the ongoing threat and complexity of ransomware attacks. As the number of victim payments to hackers decreases, it’s clear that more businesses are refusing to pay hefty ransoms, making it crucial for organizations to prioritize cybersecurity measures.
FAQs
Q: Who is the Everest ransomware gang?
Everest is a Russia-linked ransomware gang that has claimed credit for multiple hacks and data breaches since its inception in 2020.
Q: What is the purpose of the leak site?
The leak site is used by the ransomware gang to publish stolen files to extort its victims into paying a ransom demand.
Q: Has the number of victim payments to hackers decreased?
Yes, according to recent data, the number of victim payments to hackers dropped overall during 2024 as more businesses refused to pay hefty ransoms.
Q: Have any ransomware gangs been disrupted by law enforcement?
Yes, law enforcement operations have targeted and disrupted some ransomware gangs in recent years, including the LockBit and Radar hacking groups.
Q: Is the hack and defacement of the Everest ransomware gang’s leak site a significant event?
Yes, the hack and defacement of the Everest ransomware gang’s leak site serves as a reminder of the ongoing threat and complexity of ransomware attacks.
