Ransomware Group: SPACEBEARS

VICTIM NAME: EVERTECH INSTRUMENTAL CO[.], LTD

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the SPACEBEARS Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The leak page pertains to Ever Tech Instrumental Co., Ltd, a company based in Taiwan operating within the technology sector, specifically in the Flat Panel Display (FPD) industry. The breach involves the exposure of sensitive data such as company databases, financial documents, and personal information of employees and clients. The incident was discovered on April 17, 2025, following the attack that occurred on April 15, 2025. The company’s activities include importing advanced materials, optical, and analytical equipment from Japan and Korea. The leak may include confidential files and potentially damaging internal information, which the attackers have claimed to have obtained and are possibly releasing or threatening to release publicly. Visual evidence of the breach includes a screenshot of compromised data, highlighting the severity of the incident and its impact on the company’s operations. The leak page is hosted on an onion URL, indicating its dark web origin, and reflects ongoing cybercriminal activity targeting businesses in the technology supply chain. Overall, the incident underscores the importance of cybersecurity defenses to prevent sensitive corporate and client information from being exposed or exploited.