Revil Behind JBS attack

The FBI has officially stated that the REvil operation, aka Sodinokibi, is behind the ransomware attack targeting JBS, the world’s largest meat producer.

All of these ransomware gangs, including REvil, are believed to be operated out of Russia.
The JBS ransomware attack occurred in the early morning hours of Sunday, May 31st, causing JBS to shut down its network to prevent the spread of the attack.

The JBS ransomware attack occured during start of this week causing JBS to shut down its network to prevent the spread of the attack.

The company took immediate action, suspending all affected systems, notifying authorities and activating the company’s global network of IT professionals and third-party experts to resolve the situation.shuts the food production site losing its major network

JBS stated that their backups were not affected and that they would be restoring from backup. But there were two encrypted/corrupted datasets that had prevented the company from going back online.

The issues with these databases appear to have been resolved, and JBS states that most of their plants should be operational tomorrow.

Our systems are coming back online and we are not sparing any resources to fight this threat. We have cybersecurity plans in place to address these types of issues and we are successfully executing those plans