Everest ransomware's dark web leak site defaced, now offline

The dark web leak site of the Everest ransomware gang has apparently been hacked over the weekend by an unknown attacker and is now offline. The unknown attacker replaced the website's contents with the following sarcastic message: "Don't do crime CRIME IS BAD xoxo from Prague." The Everest operation has since taken down its leak site, which no longer loads and now displays an "Onion site not found" error. While it's unknown how the attacker gained access to Everest's website or if it was even hacked, some security experts, like Flare Senior Threat Intelligence Researcher Tammy Harper, point to a potential WordPress vulnerability that could've been exploited to deface the ransomware operation's leak site. "It is worth mentioning that Everest was using a Wordpress template for their blog. I would not be surprised if that was how this happened," Harper said. Everest's defaced leak site (Tammy H.) ​Since it surfaced in 2020, the Everest ransomware operation has switched tactics from ... Read full article.