The cyber group behind the Everest ransomware claimed a successful attack on Nissan Motor Co., Ltd. and the theft of 900 GB of data from its systems. As proof, the attackers published some samples of file contents. Specialists are verifying the authenticity of the bold statement. The Japanese automaker itself has not yet confirmed or denied the information regarding the incident. If the breach indeed occurred, this is unfortunate news for Nissan and its shareholders. The attackers’ haul could contain proprietary details, confidential correspondence, and financial and personal data of the company’s clients, employees, and partners. The criminal Everest gang has been active online since 2020. Its eponymous ransomware is similar in code to BlackByte and is offered to other extortionists as a service (Ransomware-as-a-Service, RaaS), along with ready access to target networks. Russian-speaking members of Everest also utilize their creation themselves, demanding ransom in cryptocurrency from victims. They typically resort to additional blackmail as well: threatening non-payers with the publication of data they managed to steal from their systems. This cyber group showcases its “exploits” on the XSS hacker forum and posts lists of targeted companies on its darknet site. In April 2025, Everest’s leak site suffered a defacement—apparently the work of rivals—and resumed operation last summer.
About the Author
