- In the first week of June 2021, the largest meat producer in the world, JBS Holdings became a victim of a cyber attack. Criminals sneak into the company’s system and took it over. It led to the suspension of several meat plants in the US, Canada, and Australia.
- JBS Holdings paid a ransom of 30 Bitcoin (BTC) worth $11 million to restore its operations and avoid further damages.
- Earlier, at the end of May 2021, The Colonial Pipeline was at the receiving end of a similar cyberattack that crippled fuel supply in the southeast region of the US for days.
- The Colonial Pipeline paid $4.4 million as a ransom. Luckily, the US government task force recovered $2.3 million out of that amount from a Bitcoin wallet.
The Largest Meat Supplier in the World JBS Holdings Pays $11M in a Crypto Ransomware Attack
The largest meat supplier in the world, JBS Holdings had to shut down some of its plants in the US, Canada, and Australia, in an unprecedented ransomware attack.
JBS paid 30 bitcoin worth $11 million to attackers to avoid further impact on its own and partners’ businesses, such as restaurants, farmers, and grocery stores.
Coindesk reported that on June 9, 2021, JBS Holdings made the payment to a group called “REvil,” which did not leave any trace as to how it sneaked into the company’s systems.
The attack is similar to the ransomware attack on the Colonial Pipeline that happened on May 14. We will talk about this attack too in a later section.
According to a report by Reuters, the attack may have been carried out by a criminal organization based in Russia.
Later, JBS conducted a forensic investigation and confirmed that no data relating to customers, suppliers, or employees were breached in the attack.
The CEO of JBS Holdings, Mr. Andre Nogueira said it was painful to pay the amount to the criminals, but it was done to protect the customers. He also said that the company paid the ransom after most of the JBS plants became functional again.
JBS came to know about the attack on May 30 after its employees started noticing signs of irregularities on their servers. Then a message displayed demanding a ransom in bitcoin.
After getting the message, JBS contacted the FBI right away, and the IT staff in the company started closing the supplier’s systems to prevent further attacks.
Fortunately, JBS kept secondary data backups in the encrypted form but had to pay the ransom amount to restore its operations.
Attacks like this make it even more important to roll out stringent privacy protocols & security-related projects.
US Task Force Recovers $2.3M Crypto Ransom Taken from the Colonial Pipeline
The US government task force officials recovered crypto worth more than $2.3 million that was paid after a cyber attack on the Colonial Pipeline system.
The attack on the Colonial Pipeline crippled the fuel delivery in the southeast region of the US for several days. According to the investigators, the attackers may have a link to a gang located in Russia.
Later, Colonial Pipeline confirmed that made a payment of $4.4 million as ransom to the cyber-criminal gang that is responsible for the attack.
During a press conference, Lisa Monaco, the Deputy Attorney General issued a statement that the government task force traced and recovered Bitcoin (BTC) worth $2.3 million from DarkSide hackers in Russia.
Ms. Monaco also mentioned that it was the first time the government task force investigated, disrupted, and prosecuted a ransomware attack.
Monaco said the company quickly notified authorities of the problem and ransom demand, leading to the task force’s involvement.
During the same press conference, Paul Abatte, FBI Deputy Associate Director, stated that the task force recovered the amount from a Bitcoin wallet that was used to pay the ransom in the past.
A report by The Wall Street Journal says that the FBI disclosed some details on how it could recover $2.3 million from the total ransom that Colonial Pipeline paid.
The task force used a sophisticated method to map hundreds of millions of bitcoin addresses that are linked to illegal groups around the world. Investigators traced the money from the coffer’s of the pipeline operator to a Bitcoin address.