As we previously reported , food manufacturing company JBS Foods was forced to suspend production at several sites due to a hacker attack. The incident affected several JBS manufacturing facilities in various countries, including the United States, Australia and Canada.
Today, JBS is the world’s largest supplier of beef and poultry, as well as the second largest producer of pork. The company operates in the USA, Australia, Canada, Great Britain and so on, serving clients from 190 countries.
The American authorities have already reported that the attack was most likely organized by a Russian-speaking hack group. Now this was confirmed by representatives of the FBI, who said that the responsibility for the incident lies with the well-known hacker group REvil (aka Sodinokibi).
“We attribute the attack to JBS REvil and Sodinokibi and are working hard to bring those responsible to justice,” the FBI said in a statement .
Also, spokeswoman Jen Psaki said that US President Joe Biden will discuss what happened with Russian President Vladimir Putin at the summit in Geneva, which will be held on June 16, 2021.
REvil has been known to cybersecurity specialists since 2019, and is considered an offshoot or rebranding of the ransomware GandCrab, which stopped working in the same year.
The Russian-speaking hack group operates according to the RaaS (Ransomware-as-a-Service) model, that is, the malware developers are involved in hacking corporate networks, stealing data and encrypting them. Thus, the authors of the malware keep 20-30% of the ransom payments, and the rest of the money remains with the “partners”.
Over the years of its existence, REvil managed to compromise many companies and organizations, including: Travelex, Grubman Shire Meiselas & Sacks (GSMLaw), Brown-Forman, SeaChange International, CyrusOne, Artech Information Systems, Albany International Airport, Asteelflash, Quanta Computer.