Ransomware Group: EVEREST

VICTIM NAME: Jordan Kuwait Bank

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the EVEREST Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak pertains to Jordan Kuwait Bank, a financial institution established in 1972 that operates across Jordan, Palestine, and Cyprus. The attack was discovered on May 2, 2025, and involved a data breach that compromised various banking and customer-related information. The leak was linked to malware strains such as Raccoon, RedLine, Vidar, and others, which are known for their info-stealing capabilities. The stolen data likely includes internal documents, possibly screenshots of sensitive information, as indicated by the leaked images. The hackers claim to have access to certain data, and there are indications that some data may be available for download or review, though specific files are not publicly disclosed. The bank’s digital infrastructure, including online banking applications, was potentially impacted, raising concerns about security vulnerabilities.

Jordan Kuwait Bank, operating within the financial services sector, has a significant presence in the Middle East, and this breach could affect its operations and customer trust. The incident involves multiple malware variants used by cybercriminals to extract sensitive information from the bank’s systems. The leak page features a screenshot of what appears to be internal documents, emphasizing the severity of the compromise. The breach’s timing suggests that the attackers aimed to destabilize or threaten the bank’s reputation and financial stability. Despite the limited publicly available technical details, the incident underscores ongoing cybersecurity challenges faced by banking institutions in protecting their digital assets from sophisticated ransomware and info-stealing malware groups.

The breach of Jordan Kuwait Bank highlights the persistent threat of cyberattackers targeting financial institutions in the Middle East. As the bank operates in multiple countries, the attack demonstrates the potential for widespread impact, especially when sensitive customer or corporate data is compromised. The use of multiple malware tools indicates a complex cyber espionage effort. The leak page includes a screenshot of internal documents, which could contain critical information or evidence of how the breach was conducted. Customers and stakeholders are advised to remain vigilant for potential security advisories and monitor their accounts for suspicious activity.