The FBI has said that cybercriminal group REvil (also known as Sodinokibi) was behind the recent attack on meat supplier JBS (via The Record). This follows a statement from White House deputy press secretary Karine Jean-Pierre, which indicated that the attack likely came from a Russian-based organization.
REvil has previously been implicated in the recent Apple and Acer ransomware attacks, as well as last year’s Travelex attack. The JBS intrusion, however, could have wide-ranging effects: the company is the world’s largest meat processor, and the incident shut down some of the largest slaughterhouses in the US.
New FBI statement: “We have attributed the JBS attack to REvil and Sodinokibi and are working diligently to bring the threat actors to justice.” pic.twitter.com/JPZtygT8N9— Natasha Bertrand (@NatashaBertrand) June 2, 2021
This is the second major attack on US infrastructure by suspected Russian cybercriminals that we’ve seen in as many months — the group behind the Colonial pipeline attack that occurred last month was also believed to have been carried out by a group based in the country. While JBS is headquartered in Brazil, the company says the affected plants were in the US, Canada, and Australia.