Everest Overview

The Everest ransomware emerged in the second half of 2018, making attacks on several companies and large organizations, one example was the attack on the Brazilian government, more specifically on the national treasury and also on a network of the Attorney General of the National Treasury, these attacks were carried out in August 2021.

The Everest ransomware is part of the Everbe 2.0 family, which is composed of Embrace, PainLocker, EvilLocker and Hyena Locker ransomware.

The group uses the technique of double extortion, trying to maximize profits from their attacks, in this tactic payment is required not only to obtain the decryption key but also for the company’s data not to be disclosed. This method is used by most ransomware.

Ransomware Everest uses the tactic of spam e-mails, this tactic is to fill the spam box with commercial e-mails from advertising companies, because in this case there is a chance that the malicious e-mail will go straight to your inbox and not to the spam box.

Source