Ransomware Group

Everest

Status: active • First seen 2020-12100+ known victims

Everest does not just ransom companies - they also sell access to hacked networks to other criminals. This makes them dangerous because the attack might come from someone else they sold access to.

Overview

Everest operates as both a ransomware group and an initial access broker, sometimes selling access to victim networks to other threat actors instead of deploying ransomware.

Target Industries

Government, Healthcare, Aerospace, Manufacturing

How They Attack

  • Initial access broker
  • Ransomware deployment
  • Access selling
  • Double extortion

Notable Victims

NASA contractor (2023), Government agencies

Is your business exposed?

How to Protect Against Everest

  1. 1.

    Monitor for unauthorized access patterns

  2. 2.

    Implement continuous security monitoring

  3. 3.

    Assess aerospace sector security

MITRE ATT&CK Techniques

T1486, T1567, T1078, T1021

Is your business exposed?

Check if your company data is circulating on the dark web

Free scan • No credit card required

Privacy PolicyYour Privacy Choices