Ransomware Group: EVEREST

VICTIM NAME: Crumbl – Full leak published

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the EVEREST Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

This report pertains to a ransomware incident involving a business identified as “Crumbl.” The leak was discovered on July 31, 2025, and the attack is recorded to have taken place on July 23, 2025. The victim’s activity type is unspecified, and the incident occurred within the United States. The leak page contains a screenshot, which appears to display internal information or data, indicating that sensitive data may have been compromised or exposed during the attack. The leak has been publicly published on the dark web and is associated with the threat group “everest.” This incident involves the publication of all compromised files, with potential data leaks including internal documents or business-related information.

The leak page includes a claim URL that provides access to further details about the breach, although the specific content of the leak is not detailed in this report. The publication confirms that a full data leak has occurred, but no specific files, PII, or sensitive details are disclosed here for security reasons. The incident highlights the ongoing threat landscape faced by organizations, especially within the US, in which cybercriminal groups continue to target and expose sensitive business information. The included screenshot suggests the presence of internal or operational data, possibly intended to pressure the victim or showcase the breach’s extent.