The Everest ransom group collects and analyzes information about its victims. It specializes in customer privacy data, financial information, databases, credit card information, and more. The group leaks victims' data on the darknet and has announced that any victim who does not contact them will suffer a data leak, and that they will not delete the victim's files, keeping them for future use.
Defensive detection signature for this group (use it in your EDR/SIEM). Source: ransomware.live.
```yara
/*
    Everest ransomware / data extortion
*/
rule Everest_Ransomnote
{
    meta:
        author = "ransomware.live"
        family = "ransomware.everest"
        description = "Detects Everest ransomware ransom note"
        date = "2026-05-04"
        severity = 7
        score = 70
    strings:
        $s1 = "@Everest Read Me.txt" ascii nocase
        $s2 = "Everest" ascii
        $s3 = "everestteam" ascii nocase
        $s4 = "everest.team" ascii nocase
    condition:
        any of them
}
```
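The rule above fires on `any of them`, and `$s2` is the bare word "Everest", so it matches any file containing that word regardless of origin. The narrower variant below is an added example, not the ransomware.live rule: it drops `$s2`, uses only strings visible on this page (the rule's own strings plus phrases from the ransom note), and assumes a 64 KB size bound for a text note; the rule name and that bound are assumptions.

```yara
/*
    Added example (not from ransomware.live): narrower Everest ransom-note match.
    All strings are taken from this page; the size bound is an assumption.
*/
rule Everest_Ransomnote_Narrow_Example
{
    meta:
        description = "Example: Everest ransom note with a narrower condition"
    strings:
        // Identifiers carried over from the original rule (bare "Everest" dropped)
        $name  = "@Everest Read Me.txt" ascii nocase
        $team1 = "everestteam" ascii nocase
        $team2 = "everest.team" ascii nocase
        // Phrases from the ransom note text shown on this page
        $note1 = "Greetings from the Everest team" ascii wide nocase
        $note2 = "Attack logbook" ascii wide nocase
        $note3 = "Your key:" ascii wide nocase
    condition:
        // Ransom notes are small text files; skip large binaries and archives.
        filesize < 64KB and
        (
            // The greeting alone is specific enough to alert on.
            $note1 or
            // Otherwise require a group identifier plus note-body wording.
            ( any of ($name, $team1, $team2) and any of ($note2, $note3) )
        )
}
```

Run both rules against a known-clean file share first and compare hit counts before deploying either one as an alerting rule.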
Dear [snip],

Greetings from the Everest team. Your systems have been attacked, the files are encrypted.

You can read about us in our blog (Tor browser needed)
Blog : [redacted]
Or read about our group in Twitter

Also, our team was able to bypass your "Dataprotection" as any other your protection software and more than 1 Terabyte of internal files were exfiltrated to our servers, which we can confirm with great joy and ease

The list contains financial documents, internal orders, KYC information(documents,photos...), trusted representatives personal info Client risk levels,loans, debt and client data. Various financial documentation, backups , etc. etc. The information was collected both from personal PCs and from centralized storage locations.

If an agreement is reached with us, this information will never be published and the problem will disappear as if it never happened, otherwise it will be posted on our blog and darknet. Which will lead to even greater financial and reputational losses on your part.

Also you will get

1.Attack logbook (months of experience with your company) with full list of vulnerabilities and bypass methods

2.Advices how to singifically improve your security and avoid such attacks in the future

3.We will delete all files from your company

4.We will attack your company no more

Yours trully
Everest Team

Email to contact: [redacted]

Your key: [snip]
| Organization | Country | Sector | Group | Discovered |
|---|---|---|---|---|
| Asopagos S.A. | CO | Not Found | — | 29 May 2026 |
| ЕРМ | | Business Services | — | 29 May 2026 |
| Spedition Kern | DE | Transportation/Logistics | — | 28 May 2026 |
| Advanced Psychiatry Associates | US | Healthcare | — | 28 May 2026 |
| Sidra Kuwait Hospital | KW | Healthcare | — | 28 May 2026 |
| VVO Finance | DE | Financial Services | — | 28 May 2026 |
| AKM | JP | Not Found | — | 28 May 2026 |
| TransferZ | US | Transportation/Logistics | — | 28 May 2026 |
| L&P Aesthetics | US | Healthcare | — | 28 May 2026 |
| Parque Eólico Toabré | PA | Energy | — | 31 Mar 2026 |
| Petrobras Campos Basin 3D & 4D Seismic Survey Data | BR | Energy | — | 17 Nov 2025 |
| Petrobras / SAExploration | BR | Energy | — | 17 Nov 2025 |
The addresses of the leak sites (.onion) are known but are not published or linked. Only public metadata is shown.
[AI generated] Advanced Psychiatry Associates is a psychiatric medical practice based in the United States. The company provides comprehensive mental health services, including evaluation, diagnosis, and treatment of psychiatric conditions such as depression, anxiety, ADHD, and bipolar disorder. It operates within the healthcare and behavioral health industry, offering both medication management and therapy services to adult and adolescent patients across its clinic locations.
[AI generated] Sidra Kuwait Hospital is a private healthcare facility located in Kuwait. It provides a range of medical and clinical services to patients, including diagnostics, outpatient consultations, and specialized treatments. Operating within the private healthcare sector in Kuwait, the hospital serves both local residents and expatriates, contributing to the country's growing private medical infrastructure alongside public health institutions.