The group behind the Everest ransomware is selling data collected in an attack against the Brazilian government, which was initially disclosed on Tuesday (30). Now, the team is making available on the dark web a package of information linked to the Gov.br system, including 3 TB of data and access accounts.
As a screenshot shared by TecMundo journalist Felipe Payão shows, the cybercriminals are selling the package of stolen information for US$85,000, about R$445,000 in direct conversion. Payment can be made in Bitcoin or Monero cryptocurrencies.
According to the information released by the hacker group, the data is for sale in a single package. In addition to the Gov.br access accounts and 3 TB of data, the content also includes VPN logins, credentials and RDP (remote desktop protocol) connections.
So far, the Special Secretariat for Social Communication has not officially commented on the publication made by the cybercriminals – TecMundo contacted the agency in search of updates. On the 30th, Secom said it had found no evidence of an attack.
Ransomware as a service
The Everest group is famous in the ransomware segment and is gaining notoriety on the cybersecurity scene. In addition to seizing the victim’s information, the attacks also include the sale of access credentials if the ransom is not paid.
While we have no confirmation from the government about the attack, the hacker group’s movements give indications that an action against the government has indeed taken place. Given Everest’s notoriety on the hacker scene, it’s unlikely that the group is marketing false information, as this could damage the team’s reputation.
It’s also worth noting that the team of cybercriminals has attacked the government before. In August 2021, the hacking team was linked to actions carried out against the Ministry of Economy.
Via Tecmundo
