- Everest ransomware operators add Mailchimp to their data leak site
- They claimed to have stolen 767 MB of confidential data
- The community mocked the file size
The Russian Everest ransomware gang says that it recently broke into email marketing giant Mailchimp, posted a listing on its dark web site and gave the company a few days to step up and pay, or face the consequences. But instead of causing a stir, the group became a laughing stock of the cybersecurity community.
Mailchimp is one of the most popular platforms in its industry, with more than 14 million active users, so when cybercriminals break in and steal data, the community expects a large database with plenty of juicy intel inside.
Everest, however, exfiltrated “only” 767 MB of information, which contains 943,536 lines and apparently includes “internal documents of the company.”
“The filtration of your internal company’s documents contains a wide variety of personal documents and customer information,” Everest apparently said on its data leak site.
The news was picked up by the malware repository vx-underground, which said on X that the database seemed “notably small for a provider as large and extended as Mailchimp.”
Others quickly chimed in, sharing a similar sentiment: “As a client,” said one person. “That is probably 300 milliseconds of Mailchimp data. A client of the emails of one client was probably leaked,” added another.
Everest is not a state-sponsored group, but since its members speak Russian, security researchers believe that the group is also based in Russia.
It has been active since 2020, starting with data extortion and then evolving into a full ransomware operation. Over time, it has also shifted somewhat toward acting as an initial access broker (IAB), selling access to compromised networks to other criminal gangs instead of deploying ransomware itself.
So far, it has claimed hundreds of victims, including heavyweights such as AT&T, multiple South American governments, Coca-Cola's Middle East wing, Crumbl Cookies, Medicine Hospitals and Saudi conglomerate Rezayat Group.
Via Cybernews