The identity of the ransomware operation that hit meat processing giant JBS has been revealed: It was the REvil gang, aka Sodinokibi, that did it.
The FBI, late on Wednesday, issued a statement attributing the attack to that ransomware-as-a-service – aka RaaS – operation, which appears to be run from Russia.
“As the lead federal investigative agency fighting cyber threats, combating cybercrime is one of the FBI’s highest priorities,” the bureau says in its statement. “We have attributed the JBS attack to REvil and Sodinokibi and are working diligently to bring the threat actors to justice.”
JBS, based in Sao Paulo, is the world’s largest meat processor, and discovered the attack on Sunday. In response, the company shut down servers in North America and Australia, and experts warned that any prolonged outage could noticeably impact the global supply of meat.
The company has not disclosed if it received any ransom demand. But on Wednesday, JBS reported that its restoration efforts were continuing to proceed quickly, and that it expected to resume full operations on Thursday.