redalert attacks G4:Group

Incident Date: September 13, 2022


Overview

Title: redalert attacks G4:Group

Victim: G4:Group

Attacker: Redalert

Location: Providència, Spain; Barcelona, Spain

First Reported: September 13, 2022

G4:group Suffers Ransomware Attack by RedAlert Group

Overview of the Incident

G4:group, a multidisciplinary architecture and engineering firm with a global presence in cities such as Barcelona, Madrid, Turin, Paris, and Dubai, has recently fallen victim to a ransomware attack orchestrated by the RedAlert ransomware group. This incident was disclosed on the group's dark web leak site, highlighting the ongoing threat posed by cybercriminals to organizations worldwide.

Company Profile

With over two decades of experience in delivering international projects, G4:group has established a comprehensive understanding of client needs, enabling the delivery of projects from concept through to execution. The firm's services encompass a broad spectrum, including design conceptualization, architecture, interior design, furniture, and lighting design. G4:group prides itself on integrating the company's identity into every project phase, ensuring a tailored and cohesive outcome.

Details of the Attack

The RedAlert ransomware group, also identified by the moniker N13V, specifically targets Windows and Linux VMware ESXi servers within corporate networks. Employing a double-extortion tactic, the group first exfiltrates data from the systems before proceeding to encrypt the data locally. This method provides the attackers with increased leverage, posing a significant threat to the victimized organizations.

Implications for G4:group

Although the exact size of G4:group is not detailed, the firm's extensive international operations and multidisciplinary offerings indicate a substantial operational scale. The susceptibility of such a firm to ransomware attacks underscores the advanced capabilities of modern ransomware groups to exploit vulnerabilities in network security and data protection mechanisms.

Protective Measures Against Ransomware Attacks

To mitigate the risk of ransomware attacks, organizations are advised to adopt a multilayered security strategy. This includes securing all potential access points, such as endpoints, emails, web interfaces, and networks. Key recommendations encompass the regular updating of security solutions, conducting frequent scans, ensuring the protection of critical data through routine backups, and the continuous education of employees regarding social engineering tactics.
