everelgroup.com

Group: cactus

Discovered by ransomware.live: 2025-02-24

Estimated attack date: 2025-02-12

Country: IT

Description:

Appliances.

“Everel is a leader in the production and supply of electromechanical parts for the most celebrated household electrical appliance manufacturers and for the principal automobile producers.”

Website: https://www.everelgroup.com/

Revenue: $259M

Address: 9 Via Cavour, Valeggio sul Mincio, Veneto, 37067, Italy

Phone Number: +39 456313711

Download link #1: https://6wuivqgrv2g7brcwhjw5co3vligiqowpumzkcyebku7i2busrvlxnzid.onion/EVERELGROUP/PROOF/

Mirror: https://cactus5dqnqkppa5ayckiyk6dttpqwczdqphv5mxh4dkk5ct544q5aad.onion/EVERELGROUP/PROOF/

DATA DESCRIPTIONS: Personal Identifiable information, database backups, corporate confidential documents, projects, contracts, engineering documents\drawings, operations data, financial documents\payroll, employees personal docs, corporate correspondence, etc.



DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • abuse serverplan.com
  • info alfaservice.it
  • domini serverplan.com
MX Records
  • mx34.elmecnet.net.
  • mx33.elmecnet.net.
TXT Records
  • v=spf1 a mx ip4:82.188.208.147 ip4:84.247.224.60 ip4:40.95.89.77 mx:everelgroup.com include:spf.protection.outlook.com include:musvc.com -all
Cloud / SaaS Services Detected
No well-known cloud or SaaS service detected.
