Broward Realty Hit by Everest Ransomware Exposing Data Risks
Incident Date:
October 7, 2024
Overview
Title
Broward Realty Hit by Everest Ransomware Exposing Data Risks
Victim
Broward Realty Corp
Attacker
Everest
Location
First Reported
October 7, 2024
Everest Ransomware Group Targets Broward Realty Corp in Cyber Attack
Broward Realty Corp, a small real estate firm based in Broward County, Florida, has become the latest victim of the Everest ransomware group. This attack highlights the vulnerabilities faced by small businesses in the real estate sector, particularly those with limited cybersecurity resources.
Company Profile and Industry Standing
Established in 2012, Broward Realty Corp operates primarily in the real estate sector, focusing on brokerage and agent services. Despite its small size, employing between one to four individuals, the company has carved a niche in the competitive Broward County market. It offers personalized services in residential and commercial property sales, property management, and investment opportunities. The firm's commitment to client satisfaction and personalized service distinguishes it in the industry, catering to a diverse clientele, including first-time homebuyers and seasoned investors.
Details of the Ransomware Attack
The Everest ransomware group has claimed responsibility for the attack on Broward Realty Corp, asserting that they have exfiltrated the company's database. The cybercriminals have threatened to release the compromised data on October 21, 2024, and have posted sample screenshots of the stolen data on their dark web portal. This breach poses a significant risk to the company's operations and client information, potentially affecting its reputation and financial stability.
Everest Ransomware Group: Tactics and Distinction
Active since December 2020, the Everest ransomware group is notorious for its involvement in ransomware attacks, data exfiltration, and initial access brokering. The group has evolved from a data exfiltration outfit to a ransomware operator, with its activities linked to the EverBe 2.0 family and the BlackByte group. Everest distinguishes itself by targeting organizations across various industries, with a focus on the Americas. It employs tactics such as using legitimate compromised user accounts and Remote Desktop Protocol (RDP) for lateral movement, encrypting files with AES and DES algorithms.
Potential Vulnerabilities and System Penetration
Small businesses like Broward Realty Corp often lack comprehensive cybersecurity measures, making them attractive targets for ransomware groups like Everest. The group's ability to penetrate systems may have been facilitated by exploiting weak security protocols or through phishing attacks. The use of legitimate compromised accounts and RDP suggests that the attackers may have gained initial access through stolen credentials or unpatched vulnerabilities.
Sources
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.