lockbit2 attacks Vector

Incident Date:

June 18, 2022

World map



lockbit2 attacks Vector






Mato Grosso, Brazil

Cuiabá, Brazil

First Reported

June 18, 2022

Vector Infomática Suffers Ransomware Attack by Lockbit2

Company Overview

Vector Infomática, a Brazilian company specializing in automation and software development, has been targeted by the ransomware group Lockbit2. The attack was announced on the group's dark web leak site. Vector Infomática operates in the Software sector and is based in Cuiabá, Brazil. Their website showcases their solutions in automation and commercial systems, with a focus on software management.

Attack Vectors

Ransomware attacks typically exploit various vectors to infiltrate systems. According to a Heimdal Security article, the main vectors of ransomware attacks are phishing, Remote Desktop Protocol (RDP) and credential abuse, and exploitable software vulnerabilities. The 2022 Unit 42 Incident Response Report identified five main attack vectors: exploitable vulnerabilities, brute-force credential attacks, social engineering, previously compromised credentials, and abuse of trust.

Mitigation Strategies

To mitigate the risk of ransomware attacks, organizations should focus on the following strategies:

  • Exploitable Vulnerabilities: Regularly patch and update software to address known vulnerabilities.
  • Brute-Force Credential Attacks: Implement strong password policies and multi-factor authentication (MFA) to protect against unauthorized access.
  • Social Engineering: Conduct regular security awareness training to educate employees about phishing and other social engineering tactics.
  • Previously Compromised Credentials: Monitor for and respond to suspicious login attempts and unauthorized access attempts.
  • Abuse of Trust: Limit administrative privileges and implement least privilege access policies to minimize the risk of insider threats.

The ransomware attack on Vector Infomática underscores the critical importance of cybersecurity vigilance in the software sector. By understanding the common attack vectors and implementing robust security measures, organizations can significantly reduce their risk of falling victim to ransomware attacks.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.