Everest Ransomware Leak Site Hacked

Everest Ransomware Leak Site Defaced

TechCrunch has reported that the leak site operated by the Everest ransomware group was compromised and vandalized over the weekend.

This leak site serves as a platform for the gang to publicly release stolen data, applying pressure on victims to fulfill ransom demands.

At the time of this report, the site remains defaced, displaying the message: “Don’t do crime CRIME IS BAD xoxo from Prague.”

Impact of the Defacement

The extent of the compromise is currently unknown. It remains uncertain whether the hacking incident also resulted in a data breach affecting the Everest ransomware group itself.

The incident highlights vulnerabilities even within criminal organizations.

About the Everest Ransomware Gang

Everest is a well-known ransomware operation with ties to Russia. It has been active since 2020 and has taken responsibility for numerous cyberattacks and data breaches.

Notable incidents attributed to Everest include the theft of data pertaining to over 420,000 customers from the cannabis retailer Stiiizy.

Furthermore, the U.S. government has linked Everest to breaches impacting both NASA and the Brazilian government.

Trends in Ransomware Attacks

Despite an overall increase in ransomware and extortion attacks, recent statistics indicate a decline in the number of ransom payments made by victims during 2024.

This decrease is largely attributed to a growing number of businesses choosing not to comply with ransom demands.

Internal Issues and Disruptions

Law enforcement agencies have successfully disrupted several ransomware groups, such as LockBit and Radar, through targeted operations.

However, internal leaks and acts of sabotage have also proven detrimental to various ransomware organizations.

These internal issues demonstrate a potential instability within the ransomware ecosystem.