Copy link
Increase text size
Decrease text size
Link copied

JBS Holdings pays $11M in Bitcoin (BTC) in a ransomware attack by REvil

JBS Holdings was forced to give in to the cybercriminals’ demand and handed over millions of dollars in Bitcoin (BTC) to prevent further disruption to its operations.

Image by: Mizzou CAFNR / Flicr

Thu, 10 Jun 2021, 15:06 pm UTC

The world’s largest meat company by sales became the latest victim of a ransomware attack. JBS Holdings was forced to give in to the cybercriminals’ demand and handed over millions of dollars in Bitcoin (BTC) to prevent further disruption to its operations.

JBS USA Holdings Inc. was forced to pay an $11 million ransom in Bitcoin to a cybercriminal group called REvil, according to Coindesk. The cyberattack attack shares similarities to the May 14 ransomware attack on Colonial Pipeline.

JBS conducted its own forensic analysis and concluded that no customer, supplier or employee data has been compromised due to the attack.

“It was very painful to pay the criminals, but we did the right thing for our customers,” JBS USA Holdings Inc. CEO Andre Nogueira told the Wall Street Journal in an interview. He added that payment was only made after most of JBS’s plants were already up and running.

The company decided to give in to the hackers’ demand to minimize the impact on grocery stores, farmers, and restaurants. JBS is the world’s largest meat company by sales. In the U.S., it is the biggest beef processor and one of the top suppliers of chicken and pork.

The company was made aware of the attack on May 30 when staff began noticing irregularities with their servers. It all became clear when a message that demanded a ransom in Bitcoin suddenly appeared.

JBS immediately informed the Federal Bureau of Investigation of the incident. Meanwhile, JBS’s technical team started to close down their meat supplier’s systems to halt the attacker’s advance.

Fortunately for JBS, the company maintains encrypted secondary backups for its data. However, the company still paid REvil the ransom just to ensure that there won’t be further attacks against the firm.

“We didn’t think we could take this type of risk that something could go wrong in our recovery process,” Nogueira said. “It was insurance to protect our customers.”

TokenPost | [email protected]

<Copyright © TokenPost. All Rights Reserved. >

Back to top
Copyright ⓒ TokenPost. All Rights Reserved.