The Everest ransomware emerged in the second half of 2018, making attacks on several companies and large organizations, one example was the attack on the Brazilian government, more specifically on the national treasury and also on a network of the Attorney General of the National Treasury, these attacks were carried out in August 2021.
The Everest ransomware is part of the Everbe 2.0 family, which is composed of Embrace, PainLocker, EvilLocker and Hyena Locker ransomware.
The group uses the technique of double extortion, trying to maximize profits from their attacks, in this tactic payment is required not only to obtain the decryption key but also for the company’s data not to be disclosed. This method is used by most ransomware.
Ransomware Everest uses the tactic of spam e-mails, this tactic is to fill the spam box with commercial e-mails from advertising companies, because in this case there is a chance that the malicious e-mail will go straight to your inbox and not to the spam box.
This email has a Word or Excel file with “financial information”, they have files with a payload of malicious macros, which execute the ransomware attack. This is usually the port used by Everest ransomware.
When it comes to recovering files encrypted by ransomware attacks, Digital Recovery is ahead of other companies, due to the fact that we have managed to develop a unique technology that is effective for data recovery.
We have the solution to recover any ransomware extension, including Everest.
In emergency recovery mode, our labs operate 24×7 so that the customer can get their data back as quickly as possible.
The customer can follow the entire process in real time, with the help of one of our specialists. If it is not possible to send the infected device to our lab, we can recover it remotely, in a totally safe environment.
We can recover Virtual Machines, Databases, RAID Systems, Storages, Servers, HDDs, SSD that have been encrypted by ransomware.
All our processes are in accordance with the highest standard of customer data protection and we also make available to all our customers an non-disclosure agreement (NDA).
Contact our experts and start the recovery process now.