{"id":661219,"date":"2025-04-07T15:35:07","date_gmt":"2025-04-07T12:35:07","guid":{"rendered":"https:\/\/en.buradabiliyorum.com\/someone-hacked-ransomware-gang-everests-leak-site\/"},"modified":"2025-04-07T15:35:07","modified_gmt":"2025-04-07T12:35:07","slug":"someone-hacked-ransomware-gang-everests-leak-site","status":"publish","type":"post","link":"https:\/\/buradabiliyorum.com\/en\/someone-hacked-ransomware-gang-everests-leak-site\/","title":{"rendered":"Someone hacked ransomware gang Everest\u2019s leak site"},"content":{"rendered":"<div>\n<p id=\"speakable-summary\" class=\"wp-block-paragraph\">A leak site used by the Everest ransomware gang was hacked and defaced this weekend, TechCrunch has learned.\u00a0<\/p>\n<p class=\"wp-block-paragraph\">The leak site, which the ransomware gang uses to publish stolen files to extort its victims into paying a ransom demand, was replaced with a brief text note: \u201cDon\u2019t do crime CRIME IS BAD xoxo from Prague.\u201d<\/p>\n<div class=\"ad-unit ad-unit--mobile ad-unit--has-placeholder ad-unit--display wp-block-tc-ads-ad-slot has-background has-gray-100-background-color\">\n<\/div>\n<div class=\"ad-unit ad-unit--desktop ad-unit--native wp-block-tc-ads-ad-slot\">\n<\/div>\n<p class=\"wp-block-paragraph\">The site was still defaced at the time of writing. It\u2019s not clear if the gang also experienced a data breach as a result of the hack.<\/p>\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"1000\" height=\"419\" src=\"https:\/\/techcrunch.com\/wp-content\/uploads\/2025\/04\/crime-everest-defacement.jpg\" alt=\"a screenshot from the Everest ransomware gang's dark web leak site, which reads: &quot;Don't do crime CRIME IS BAD xoxo from Prague.&quot;\" class=\"wp-image-2990149\" srcset=\"https:\/\/techcrunch.com\/wp-content\/uploads\/2025\/04\/crime-everest-defacement.jpg 1000w, https:\/\/techcrunch.com\/wp-content\/uploads\/2025\/04\/crime-everest-defacement.jpg?resize=150,63 150w, https:\/\/techcrunch.com\/wp-content\/uploads\/2025\/04\/crime-everest-defacement.jpg?resize=300,126 300w, https:\/\/techcrunch.com\/wp-content\/uploads\/2025\/04\/crime-everest-defacement.jpg?resize=768,322 768w, https:\/\/techcrunch.com\/wp-content\/uploads\/2025\/04\/crime-everest-defacement.jpg?resize=680,285 680w, https:\/\/techcrunch.com\/wp-content\/uploads\/2025\/04\/crime-everest-defacement.jpg?resize=430,180 430w, https:\/\/techcrunch.com\/wp-content\/uploads\/2025\/04\/crime-everest-defacement.jpg?resize=720,302 720w, https:\/\/techcrunch.com\/wp-content\/uploads\/2025\/04\/crime-everest-defacement.jpg?resize=900,377 900w, https:\/\/techcrunch.com\/wp-content\/uploads\/2025\/04\/crime-everest-defacement.jpg?resize=800,335 800w, https:\/\/techcrunch.com\/wp-content\/uploads\/2025\/04\/crime-everest-defacement.jpg?resize=668,280 668w, https:\/\/techcrunch.com\/wp-content\/uploads\/2025\/04\/crime-everest-defacement.jpg?resize=708,297 708w\" sizes=\"auto, (max-width: 1000px) 100vw, 1000px\"\/><figcaption class=\"wp-element-caption\"><span class=\"wp-block-image__credits\"><strong>Image Credits:<\/strong>TechCrunch (screenshot)<\/span><\/figcaption><\/figure>\n<p class=\"wp-block-paragraph\">Everest is a prolific Russia-linked ransomware gang that has claimed credit for multiple hacks and data breaches since its inception in 2020, including the theft of more than 420,000 customers\u2019 data from cannabis retail chain Stiizy. The U.S. government has also <a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/www.documentcloud.org\/documents\/25880723-hhs-hc3-everest-ransomware-alert\/\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">attributed several hacks<\/a> to Everest, including breaches at the U.S. space agency NASA and the Brazilian government.<\/p>\n<p class=\"wp-block-paragraph\">Ransomware (and extortion) attacks are on the rise, but recent data shows that the number of victim payments to hackers dropped overall during 2024 as more businesses refused to pay hefty ransoms.<\/p>\n<p class=\"wp-block-paragraph\">While law enforcement operations have targeted and disrupted some ransomware gangs in recent years, including the LockBit and Radar hacking groups, several ransomware gangs have also experienced damaging leaks and sabotage from within.<\/p>\n<\/div>\n<blockquote><p><strong><span style=\"color: #ff6600;\">If you liked the article, do not forget to share it with your friends. Follow us on\u00a0<span style=\"color: #ff0000;\"><a style=\"color: #ff0000;\" href=\"https:\/\/news.google.com\/publications\/CAAqBwgKMN63nwsw68G3Aw\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">Google News<\/a><\/span>\u00a0too, click on the star and choose us from your favorites.<\/span><\/strong><\/p><\/blockquote>\n<blockquote>\n<p style=\"text-align: center;\"><strong>If you want to read more like this article, you can visit our <span style=\"color: #ff9900;\"><a style=\"color: #ff9900;\" href=\"https:\/\/en.buradabiliyorum.com\/category\/technology\/\" target=\"_blank\" >Technology<\/a><\/span> category.<\/strong><\/p>\n<\/blockquote>\n<p><span style=\"color: black;\"><a style=\"color: #ff9900;\" href=\"https:\/\/techcrunch.com\/2025\/04\/07\/someone-hacked-everest-ransomware-gang-dark-web-leak-site\/\" target=\"_blank\" >Source<\/a><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>A leak site used by the Everest ransomware gang was hacked and defaced this weekend, TechCrunch has learned.\u00a0 The leak site, which the ransomware gang uses to publish stolen files to extort its victims into paying a ransom demand, was replaced with a brief text note: \u201cDon\u2019t do crime CRIME IS BAD xoxo from Prague.\u201d&#8230;<\/p>\n","protected":false},"author":1,"featured_media":661220,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/techcrunch.com\/wp-content\/uploads\/2021\/06\/ransomware.jpg?resize=1200,790","fifu_image_alt":"","footnotes":""},"categories":[18],"tags":[70375,72458,61594,73240,72287],"class_list":["post-661219","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-technology","tag-cybersecurity","tag-data-breach","tag-exclusive","tag-ransomware","tag-security"],"_links":{"self":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/661219","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/comments?post=661219"}],"version-history":[{"count":0,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/661219\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media\/661220"}],"wp:attachment":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media?parent=661219"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/categories?post=661219"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/tags?post=661219"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}