Security News > 2023 > October > Everest cybercriminals offer corporate insiders cold, hard cash for remote access
The Everest ransomware group is stepping up its efforts to purchase access to corporate networks directly from employees amid what researchers believe to be a major transition for the cybercriminals.
Everest ransomware group's message on its deep web blog advertising its intent to recruit corporate insiders.
Possible reasons for the rare move from ransomware group to IAB, which would typically lead to a less lucrative business, aren't fully understood but have been speculated to include evading law enforcement and loss of team members.
Internationally coordinated busts of ransomware gangs are becoming more commonplace and Everest could be trying to avoid becoming the next Hive or REvil.
Over the course of its three-year history, Everest has fluctuated between IAB and ransomware activity regularly.
According to a 2022 survey by Pulse and Bravura Security, 65 percent of corporate executives had been contacted directly by ransomware criminals to help facilitate access into their employers' networks.
News URL
https://go.theregister.com/feed/www.theregister.com/2023/10/12/everest_courting_corporate_insiders/
Related news
- Chinese hackers use Visual Studio Code tunnels for remote access (source)
- Remote Access Checklist (source)
- BeyondTrust fixes critical vulnerability in remote access, support solutions (CVE-2024-12356) (source)
- Hackers Exploiting Critical Fortinet EMS Vulnerability to Deploy Remote Access Tools (source)