Ransomware Group: NIGHTSPIRE

VICTIM NAME: Eversendai

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the NIGHTSPIRE Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak page pertains to Eversendai, a construction company based in Malaysia. The incident was discovered on July 1, 2025, and involves a data breach that resulted in the compromise of approximately 10 terabytes of sensitive information. The attackers, identified as part of the Nightspire group, appear to have targeted the company’s digital assets through an infostealer malware. Notable malware used include Lumma, RedLine, and Vidar, which collectively compromised the accounts of 14 users and six third-party entities. The leak exposes a significant volume of corporate data, potentially impacting ongoing projects and company operations.

The leak webpage mentions that the compromised data includes information from a small team of six employees, with multiple associated third-party domains. Ancillary details such as the presence of screenshots or downloadable data are not specified, but the substantial data volume indicates a serious breach. The attack’s timeline aligns with the announced discovery date, suggesting a recent incident. The incident underscores the importance of cybersecurity measures, especially within the construction sector, which often handles critical and proprietary information. No specific personal information or PII has been disclosed in the leak summary, maintaining privacy and confidentiality standards.