A leak site used by the Everest ransomware gang was hacked and defaced this weekend, TechCrunch has learned.
The leak site, which the ransomware gang uses to publish stolen files to extort its victims into paying a ransom demand, was replaced with a brief text note: “Don’t do crime CRIME IS BAD xoxo from Prague.”
The site was still defaced at the time of writing. It’s not clear if the gang also experienced a data breach as a result of the hack.
Everest is a prolific Russia-linked ransomware gang that has claimed credit for multiple hacks and data breaches since its inception in 2020, including the theft of more than 420,000 customers’ data from cannabis retail chain Stiizy. The U.S. government has also attributed several hacks to Everest, including breaches at the U.S. space agency NASA and the Brazilian government.
Ransomware (and extortion) attacks are on the rise, but recent data shows that the number of victim payments to hackers dropped overall during 2024 as more businesses refused to pay hefty ransoms.
While law enforcement operations have targeted and disrupted some ransomware gangs in recent years, including the LockBit and Radar hacking groups, several ransomware gangs have also experienced damaging leaks and sabotage from within.
