lockbit2 attacks GP Vivienda

Incident Date:

February 21, 2022

World map



lockbit2 attacks GP Vivienda


GP Vivienda




Monterrey, Mexico

Nuevo Leon, Mexico

First Reported

February 21, 2022

GP Vivienda Ransomware Attack

Company Overview

GP Vivienda, a real estate company based in Mexico, has been targeted by the ransomware group Lockbit2. The attack was announced on the group's dark web leak site. GP Vivienda is known for its wide range of properties for sale across Mexico, featuring a user-friendly website that facilitates online browsing and purchasing. The company prides itself on offering a seamless buying experience, highlighted by online appointment scheduling and direct communication with sales representatives.

Vulnerabilities and Attack Vectors

Ransomware attacks frequently exploit weaknesses in web applications. In 2022, web browsing emerged as the predominant entry vector for ransomware infections, representing 75.5% of cases. It is plausible that the attackers leveraged outdated web applications or unpatched vulnerabilities on GP Vivienda's website to initiate the ransomware deployment.

Mitigation Strategies

To counter the threat of ransomware attacks, it is crucial for companies to keep their web applications updated and regularly patched. Furthermore, the adoption of comprehensive backup and recovery solutions is essential for safeguarding against potential data loss during such security incidents.

The ransomware attack on GP Vivienda underscores the critical need for maintaining current web applications and instituting strong security protocols to fend off ransomware threats.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.