FBI: The massive cyberattack recorded by food distribution company JBS, which is headquartered in Brazil, has become a matter for the FBI. The invasion compromised the company’s servers in several regions, including the United States, and resulted in a stoppage of several activities of the conglomerate this week.
This Wednesday (2), the investigation team released a note that confirms those responsible for the attack: the REvil group, responsible for the Sodinokibi tool. These are well-known names to authorities in terms of cybercrime.
REvil has been responsible for major ransomware scams in recent months. He was the one who attacked Quanta, an important supplier of Apple components, as well as the Rio Grande do Sul Court of Justice (TJ-RS). Possibly of Russian origin, the group also carries out many attacks in the Latin American region and operates using a known procedure.
Attackers find breaches in systems or gain an employee’s credentials, possibly via phishing, until they gain access to corporate networks to send the ransomware. Traditionally, the program locks corporate machines and only releases systems upon payment of a ransom, a practice that is not recommended by experts.
The FBI claims that it is “working diligently to bring the perpetrators of the threat to justice” and stresses that individuals or companies who are victims of such intrusions must notify authorities immediately after the intrusion, as this agility contributes to the investigation and can minimize damage .