The FBI has said that cybercriminal group REvil (also known as Sodinokibi) was behind the recent attack on meat supplier JBS (via The Record). This follows a statement from White House deputy press secretary Karine Jean-Pierre, which indicated that the attack likely came from a Russian-based organization.
REvil has previously been implicated in the recent Apple and Acer ransomware attacks, as well as last year’s Travelex attack. The JBS intrusion, however, could have wide-ranging effects: the company is the world’s largest meat processor, and the incident shut down some of the largest slaughterhouses in the US.
This is the second major attack on US infrastructure by suspected Russian cybercriminals that we’ve seen in as many months — the group behind the Colonial pipeline attack that occurred last month was also believed to have been carried out by a group based in the country. While JBS is headquartered in Brazil, the company says the affected plants were in the US, Canada, and Australia.