Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are impacting your business

Logo everelgroup.com

Group: Cactus

Discovered by ransomware.live: 2025-02-24

Estimated attack date: 2025-02-12

Country: IT

Description:

<p>Appliances.<br><br>“Everel is a leader in the production and supply of electromechanical parts for the most celebrated household electrical appliance manufacturers and for the principal automobile producers.”<br><br>Website: <a href="https://www.everelgroup.com/">https://www.everelgroup.com/</a><br><br>Revenue : $259M<br><br>Address: 9 Via Cavour, Valeggio sul Mincio, Veneto, 37067, Italy<br><br>Phone Number: +39 456313711<br><br><mark class="marker-yellow"><strong>Download link #1:</strong></mark> <a href="https://6wuivqgrv2g7brcwhjw5co3vligiqowpumzkcyebku7i2busrvlxnzid.onion/EVERELGROUP/PROOF/">https://6wuivqgrv2g7brcwhjw5co3vligiqowpumzkcyebku7i2busrvlxnzid.onion/EVERELGROUP/PROOF/</a><br><br><mark class="marker-yellow"><strong>Mirror:</strong></mark> <a href="https://cactus5dqnqkppa5ayckiyk6dttpqwczdqphv5mxh4dkk5ct544q5aad.onion/EVERELGROUP/PROOF/">https://cactus5dqnqkppa5ayckiyk6dttpqwczdqphv5mxh4dkk5ct544q5aad.onion/EVERELGROUP/PROOF/</a><br><br><mark class="marker-yellow"><strong>DATA DESCRIPTIONS:</strong></mark> Personal Identifiable information, database backups, corporate confidential documents, projects, contracts, engineering documents\drawings, operations data, financial documents\payroll, employees personal docs, corporate correspondence, etc.</p><p><img src="/uploads/8d_passaporto_Ioan_Gornic_Schrob_635a4e77f5.png" alt="8d_passaporto Ioan Gornic Schrob.png"><img src="/uploads/5_CI_Francesca_Castelletti_fc4c0e816d.png" alt="5_CI Francesca Castelletti.png"><img src="/uploads/ZORDST_20240131_143026_6e526679f7.png" alt="ZORDST_20240131_143026.png"><img src="/uploads/Budget_2025_DRAFT_vers_2_e00997ee44.png" alt="Budget 2025 - DRAFT_vers 2.png"><img src="/uploads/Contract_de_confidentialitate_153_10_04_2023_21a7d6db52.png" alt="Contract-de-confidentialitate-153-10.04.2023.png"></p>


DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • abuse serverplan.com
  • info alfaservice.it
  • domini serverplan.com
MX Records
  • mx34.elmecnet.net.
  • mx33.elmecnet.net.
TXT Records
  • v=spf1 a mx ip4:82.188.208.147 ip4:84.247.224.60 ip4:40.95.89.77 mx:everelgroup.com include:spf.protection.outlook.com include:musvc.com -all
Cloud / SaaS Services Detected
No well-known cloud or SaaS service detected.

Leak Screenshot:

Leak Screenshot

Legal Disclaimer: Ransomware.live does not engage in the acquisition, exfiltration, downloading, possession, hosting, access, consultation, redistribution, or disclosure of unlawfully obtained data. This platform indexes only publicly visible information posted by ransomware operators and open web sources without accessing or obtaining the underlying stolen content. The service is provided to support public awareness, legitimate research, and cyber-resilience. No stolen personal or confidential data is collected or distributed via this site.