2 June 2021

Russian criminal group likely behind JBS hack


Russian criminal group likely behind JBS hack

A ransomware attack that hit JBS, the world's largest meat producer, over the weekend was coordinated by a gang likely from Russia, the White House said on Tuesday citing Brazil’s JBS SA.

The attack that took place on Sunday, May 30, impacted some of the JBS ‘s servers supporting its North American and Australian IT systems causing disruption in operations in North America and Australia. Due to the incident JBS’ plants across Australia, the United States, and Canada have been shut down.

Citing people familiar with the intrusion, Bloomberg reported that the culprit behind the attack is believed to be the REvil (Sodinokibi) ransomware group.

The White House spokeswoman Karine Jean-Pierre said the US was “engaging directly with the Russian government on this matter and delivering the message that responsible states do not harbour ransomware criminals. She added that the FBI was investigating the attack and that US president Joe Biden had directed the administration to look at ways to mitigate supply disruptions.

In a statement JBS said that it is “not aware of any evidence at this time that any customer, supplier or employee data has been compromised or misused as a result of the situation.”


Back to the list

Latest Posts

Spyware makers and state-backed hackers are primary culprits behind rise in zero-day exploits, Google says

Spyware makers and state-backed hackers are primary culprits behind rise in zero-day exploits, Google says

97 zero-day flaws were exploited in-the-wild in 2023, marking an increase of over 50% compared to 2022.
27 March 2024
Sophisticated malware campaign targeting end-of-life routers and IoT devices

Sophisticated malware campaign targeting end-of-life routers and IoT devices

A recent campaign targeted over 6,000 ASUS routers in less than 72 hours.
27 March 2024
Chinese APT groups target Southeast Asian nations in cyberespionage campaigns

Chinese APT groups target Southeast Asian nations in cyberespionage campaigns

The observed cyberattack employed phishing emails as the primary method of infiltration.
27 March 2024