Ransomware Group: EVEREST

VICTIM NAME: Rezayat Group

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the EVEREST Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak page pertains to Rezayat Group, a multinational conglomerate based in Saudi Arabia with diverse operations across sectors such as oil & gas, petrochemicals, power generation, construction, real estate, trading, and healthcare. The attack was publicly disclosed with a claim date of July 8, 2025, and the discovery of the leak was noted on July 13, 2025. The leak includes a visual screenshot, possibly depicting internal data or communications, which indicates the attackers may have accessed sensitive organizational information. The site features download options for the leaked data, suggesting a data breach that could have significant operational or strategic implications for the company. The leak’s release is associated with the threat group named Everest. The information suggests potential exposure of critical business details, though no explicit PII or proprietary data is revealed in the publicly available content. Ongoing analysis is recommended to assess the full impact and remedial steps.

The leak’s details, including images, point to a breach involving potentially confidential company data. The visual content may include internal documents or screenshots, but they are presented in a manner that avoids explicit sensitive information disclosure. The incident highlights the importance of cybersecurity measures, especially for organizations operating in highly interconnected and critical sectors like manufacturing and energy. As the attack was identified and reported, the organization and cybersecurity authorities are advised to investigate further, contain possible risks, and reinforce data security protocols. The leak presents a serious security incident with potential repercussions for the company’s reputation and operations, underscoring the need for continuous monitoring and proactive defense strategies against cyber threats.