U.S. Markets close in 4 hrs
  • S&P 500

    4,345.63
    -87.36 (-1.97%)
     
  • Dow 30

    33,961.14
    -623.74 (-1.80%)
     
  • Nasdaq

    14,672.06
    -371.90 (-2.47%)
     
  • Russell 2000

    2,177.37
    -59.50 (-2.66%)
     
  • Crude Oil

    70.79
    -1.18 (-1.64%)
     
  • Gold

    1,761.70
    +10.30 (+0.59%)
     
  • Silver

    22.36
    +0.07 (+0.29%)
     
  • EUR/USD

    1.1732
    0.0000 (-0.0000%)
     
  • 10-Yr Bond

    1.3210
    -0.0490 (-3.58%)
     
  • Vix

    25.48
    +4.67 (+22.44%)
     
  • GBP/USD

    1.3655
    -0.0082 (-0.5981%)
     
  • USD/JPY

    109.4650
    -0.4300 (-0.3913%)
     
  • BTC-USD

    44,590.88
    -3,435.44 (-7.15%)
     
  • CMC Crypto 200

    1,097.43
    -36.95 (-3.26%)
     
  • FTSE 100

    6,908.48
    -55.16 (-0.79%)
     
  • Nikkei 225

    30,500.05
    +176.75 (+0.58%)
     

Hacking Outfit Linked to Russia Is Behind JBS Cyberattack

  • Oops!
    Something went wrong.
    Please try again later.
  • Oops!
    Something went wrong.
    Please try again later.
  • Oops!
    Something went wrong.
    Please try again later.
·2 min read
Hacking Outfit Linked to Russia Is Behind JBS Cyberattack
In this article:
  • Oops!
    Something went wrong.
    Please try again later.
  • Oops!
    Something went wrong.
    Please try again later.
  • Oops!
    Something went wrong.
    Please try again later.

(Bloomberg) -- A notorious Russia-linked hacking group is behind the cyberattack against JBS SA, according to four people familiar with the assault who were not authorized to speak publicly on the matter. The cyber gang goes by the name REvil or Sodinokibi.

While it’s unclear if all of REvil’s hackers operate in Russia, the group’s public face, a user on the dark web cyber-crime forum XSS who goes by the name “Unknown,” exclusively publishes in Russian. REvil typically uses a darkweb blog called “Happy Blog” to name victims when they decline to engage in ransom negotiations. REvil has yet to post a blog item dedicated to JBS.

The company said Tuesday it had made “significant progress” to resolve the cyberattack that affected operations this week at its meat plants in North America and Australia, and would have the “vast majority” of its plants operational on Wednesday.

JBS SA, the owner of JBS USA and Pilgrim’s Pride Corp., said in an emailed statement that some of the company’s pork, poultry and prepared foods plants were operational and its beef facility in Canada had resumed production.

Earlier this year, REvil took credit for hacking the Taiwanese hardware supplier Quanta Computer Inc. and in the process published secret blueprints for new Apple Inc. devices. Last year, REvil executed a ransomware attack against a law firm they claimed once represented some of Donald Trump’s television enterprises.

In 2019, the group also attacked a group of Louisiana election clerks a week before Election Day.

The U.S. Department of Agriculture said in a statement on Tuesday evening that it “continues to work closely with the White House, Department of Homeland Security, JBS USA and others to monitor this situation closely and offer help and assistance to mitigate any potential supply or price issues.”

Ransomware is a type of malware that locks victims out of their computer networks. Cybercriminals often use ransomware to steal data, too. The hackers then ask for a payment to unlock the files and promise not to leak stolen data.

In recent years, hackers targeted victims with cyber insurance policies and huge volumes of sensitive consumer data that make them more likely to pay a ransom, according to cybersecurity experts.

More stories like this are available on bloomberg.com

Subscribe now to stay ahead with the most trusted business news source.

©2021 Bloomberg L.P.