A dark web leak site run by the notorious Everest ransomware gang has been hacked and replaced with a blunt anti-crime message. The site, which the gang typically uses to pressure victims by leaking stolen data, now displays a short note that reads: “Don’t do crime. CRIME IS BAD. xoxo from Prague.”
The defacement was still visible at the time of writing, signaling a rare disruption for a ransomware group known for its aggressive tactics. However, it’s unclear if the hackers responsible for this act also accessed any internal data or compromised Everest’s backend systems.
Everest, which has ties to Russia, has been active since 2020. Over the years, the gang has been linked to a string of high-profile cyberattacks and data breaches. One of its most notable heists involved stealing personal data from over 420,000 customers of cannabis retailer Stiiizy. The gang has also been accused of infiltrating U.S. government agencies, including NASA, as well as breaching Brazilian government systems.
This recent incident adds another layer of intrigue to the evolving cybercrime landscape. While ransomware attacks continue to surge, there’s been a noticeable drop in the number of organizations paying ransoms. According to 2024 industry reports, more companies are pushing back, refusing to give in to extortion, even when critical data is at stake.
At the same time, ransomware groups themselves are facing increasing pressure—not just from law enforcement, but from internal chaos and rival hackers. Law enforcement crackdowns have brought down major operations, such as LockBit and Radar, while some gangs have seen their own sensitive data leaked in internal breaches.
This latest defacement of Everest’s leak site could signal internal sabotage, a rival attack, or simply hacktivists making a bold statement. Either way, it’s a rare and public embarrassment for a group used to being the one holding others hostage.
As cybercriminals become more sophisticated, this incident reminds us that they’re also vulnerable—and sometimes, even they get hacked.
