Someone hacked ransomware gang Everest’s leak site

Cyberattack Targets Everest Ransomware Gang Leak Site

The data leak website associated with the Everest ransomware group has been reportedly compromised and defaced in a recent cyber incident. This breach, discovered this weekend, impacts the site utilized by the ransomware operators to publish sensitive data stolen from victims who refuse to pay extortion demands.

Everest Ransomware Leak Site Defaced

Visitors to the Everest ransomware gang’s leak site were met with a defaced page featuring a simple text message: “Don’t do crime CRIME IS BAD xoxo from Prague.” This message replaced the platform’s usual content, which typically showcases exfiltrated data intended to pressure victims into paying ransoms.

Details of the Cyber Incident

The defacement of the website was ongoing at the time of this report. It remains unclear whether the cyberattack against the leak site resulted in a broader data breach for the Everest ransomware group itself. Security experts are investigating the full scope and impact of this incident.

Everest Ransomware Group: An Overview

Everest is identified as a Russia-linked ransomware operation that has been active since 2020. The group has claimed responsibility for numerous high-profile cyberattacks and data breaches. Notable incidents attributed to Everest include the theft of data impacting over 420,000 customers of the cannabis retail company Stiizy. Furthermore, the U.S. government has linked the Everest group to cyber intrusions targeting entities such as NASA and government agencies in Brazil.

Ransomware Attack Trends

Incidents of ransomware and digital extortion continue to rise globally. However, recent data suggests a shift in victim behavior, with a decrease in ransom payments made to cybercriminals in 2024. This decline may reflect an increasing unwillingness of organizations to meet substantial financial demands from ransomware operators.

Law Enforcement and Ransomware Disruption

Law enforcement agencies worldwide have intensified efforts to disrupt and dismantle ransomware gangs. Operations targeting groups like LockBit and Radar have demonstrated some success. Simultaneously, internal vulnerabilities, including data leaks and sabotage, are also impacting the operational capabilities of various ransomware groups, adding further complexity to the cyber threat landscape.

🕐 Top News in the Last Hour By Importance Score

#	Title	📊 i-Score
1	Earth's upper mantle is revealing the deepest effect of human activity	🟢 85 / 100
2	Russia on fire as footage shows moment Ukraine fighter jet 'destroys Russian base'	🔴 75 / 100
3	Scientists bring back incredible animal that's been extinct for 10,000 years	🔴 75 / 100
4	Geopolitical shifts accelerate demand for Starlink alternatives	🔴 75 / 100
5	SpaceX launches 27 Starlink satellites on brand-new Falcon 9 rocket, aces Pacific Ocean landing (video)	🔴 72 / 100
6	Photos show people meditating, not victims of Myanmar earthquake	🔴 65 / 100
7	House Democrats lay out their targets for 2026 battle	🔵 45 / 100
8	Nintendo Switch 2 pre-orders back in stock at EE – Mario Kart World bundle out now	🔵 45 / 100
9	Fifa has used US soccer as a cash cow – and gives very little back \| Leander Schaerlaeckens	🔵 42 / 100
10	The Handmaid's Tale Commander Wharton actor Josh Charles' life from famous wife to kids	🔵 40 / 100

View More Top News ➡️