Esme brings a wealth of knowledge and experience to our website, specializing in all aspects of DarkWeb security. With a deep understanding of the intricate workings of the DarkWeb and its associated cybersecurity risks, Esme curates insightful and informative content for our readers.
Latest posts by Esme Greene (see all)
- “Ducktail” Hackers Target Facebook - September 28, 2023
- Okta Breach: Super Admin Hack - September 24, 2023
- Rackspace: $10.8M Cloud Shift - September 23, 2023
An advertisement posted by Everest ransomware group.
The Everest ransomware gang is considered to be active since at least 2018. The illicit organization targets businesses in a variety of sectors and geographical locations, having a focus on US financial services, healthcare, and the public sector. There are 92 organizations listed on its dark web leak site, but it is most well-known for having targeted AT&T and various governments in South America.
It seems like the group is out of the workforce, so hackers are currently searching for new staff. However, many ransomware gangs find their workers online as a part of a hiring process.
Everest`s Attacks
The Everest ransomware organization reportedly said that they have access to NASA and other aerospace industries’ crucial system data. But as of right now, they haven’t demanded money from the victims. Instead, they are asking $30,000 for the data on their leak site, claiming it comes with access to business email and provides a “great opportunity for further intelligence.” A technological security firm called FalconFeedsio tweeted in relation to the ransomware gang downloading information from aerospace companies to their leak site.
The Everest ransomware group’s post, claiming that the organization has data belonging to aerospace firms in the USA, the UK, and nations like Canada.
Screenshot of the leak site selling stolen data (Source: FalconFeedsio)
Based on research made by the NCC organization, the Everest ransomware organization had previously provided its victims’ network access for a charge if its ransom demands were not satisfied. The threat actor collective Everest, which communicates in Russian, has also attacked the governments of countries including Argentina, Brazil, and Peru.
The ransomware was identified as a member of the Everbe 2.0 ransomware family in 2018, according to a data recovery business Digital Recovery. To boost profit by demanding two ransoms, the organization resorts to double extortion.
The Public Reaction
Users of Reddit are actively discussing the offer after the news was posted in one of subreddits called “Hacking”. Most of the comments state that no funds are compared to freedom – “No sum of money would be worth jail time lol” – wrote a Reddit user @According_Claim_9027. Many ransomware groups are being constantly monitored by authorities, so participating in underground hacker groups might actually cost time behind bars.
