Log in
Show password
Forgot password ?
Become a member for free
Sign up
Sign up
New member
Sign up for FREE
New customer
Discover our services
Dynamic quotes 
  1. Homepage
  2. Equities
  3. Brazil
  4. Bolsa de Valores de Sao Paulo
  5. JBS S.A.
  6. News
  7. Summary


SummaryMost relevantAll NewsAnalyst Reco.Other languagesPress ReleasesOfficial PublicationsSector newsMarketScreener Strategies

JBS S A : Governments turn tables on ransomware gang REvil by pushing it offline -sources

10/21/2021 | 06:27pm EST

Oct 21 (Reuters) - The ransomware group REvil was itself hacked and forced offline this week by a multi-country operation, according to three private sector cyber experts working with the United States and one former official.

Former partners and associates of the Russian-led criminal gang were responsible for a May cyberattack https://www.reuters.com/technology/ransomware-gangs-disrupted-by-response-colonial-pipeline-hack-2021-05-14/?enowpopup on the Colonial Pipeline that led to widespread gas shortages on the U.S. East Coast. REvil's direct victims include top meatpacker JBS. The crime group's "Happy Blog” website, which had been used to leak victim data and extort companies, is no longer available.

Officials said the Colonial attack used encryption software called DarkSide, which was developed by REvil associates.

VMWare head of cybersecurity strategy Tom Kellermann said law enforcement and intelligence personnel stopped the group from victimizing additional companies.

"The FBI, in conjunction with Cyber Command, the Secret Service and like-minded countries, have truly engaged in significant disruptive actions against these groups,” said Kellermann, an adviser to the U.S. Secret Service on cybercrime investigations. “REvil was top of the list.”

A leadership figure known as "0_neday," who had helped restart the group's operations after an earlier shutdown, said REvil's servers had been hacked by an unnamed party.

"The server was compromised, and they were looking for me," 0_neday wrote on a cybercrime forum last weekend and first spotted by security firm Recorded Future. "Good luck, everyone; I'm off."

U.S. government attempts to stop REvil, one of the worst of dozens of ransomware gangs that work with hackers to penetrate and paralyze companies around the world, accelerated after the group compromised U.S. software management company Kaseya in July. https://www.reuters.com/technology/biden-says-uncertain-who-is-behind-latest-ransomware-attack-2021-07-03

That breach opened access to hundreds of Kaseya's customers all at once, leading to numerous emergency cyber incident response calls.


Following the attack on Kaseya, the FBI obtained a universal decryption key that allowed those infected via Kaseya to recover their files without paying a ransom.

But law enforcement officials initially withheld the key for weeks as it quietly pursued REvil's staff, the FBI later acknowledged. https://www.washingtonpost.com/national-security/ransomware-fbi-revil-decryption-key/2021/09/21/4a9417d0-f15f-11eb-a452-4da5fe48582d_story.html

According to three people familiar with the matter, law enforcement and intelligence cyber specialists were able to hack REvil's computer network infrastructure, obtaining control of at least some of their servers.

After websites that the hacker group used to conduct business went offline in July, the main spokesman for the group, who calls himself "Unknown," vanished from the internet.

When gang member 0_neday and others restored those websites from a backup last month, he unknowingly restarted some internal systems that were already controlled by law enforcement.

“The REvil ransomware gang restored the infrastructure from the backups under the assumption that they had not been compromised,” said Oleg Skulkin, deputy head of the forensics lab at the Russian-led security company Group-IB. “Ironically, the gang's own favorite tactic of compromising the backups was turned against them.”

Reliable backups are one of the most important defenses against ransomware attacks, but they must be kept unconnected from the main networks or they too can be encrypted by extortionists such as REvil.

A spokesperson for the White House National Security Council declined to comment on the operation specifically.

"Broadly speaking, we are undertaking a whole of government ransomware effort, including disruption of ransomware infrastructure and actors, working with the private sector to modernize our defenses, and building an international coalition to hold countries who harbor ransom actors accountable," the person said.

The FBI declined to comment.

One person familiar with the events said that a foreign partner of the U.S. government carried out the hacking operation that penetrated REvil's computer architecture. A former U.S. official, who spoke on condition of anonymity, said the operation is still active.

The success stems from a determination by U.S. Deputy Attorney General Lisa Monaco that ransomware attacks on critical infrastructure should be treated as a national security issue akin to terrorism, Kellermann said.

In June, Principal Associate Deputy Attorney General John Carlin told Reuters https://www.reuters.com/technology/exclusive-us-give-ransomware-hacks-similar-priority-terrorism-official-says-2021-06-03 the Justice Department was elevating investigations of ransomware attacks to a similar priority.

Such actions gave the Justice Department and other agencies a legal basis to get help from U.S. intelligence agencies and the Department of Defense, Kellermann said.

"Before, you couldn't hack into these forums, and the military didn't want to have anything to do with it. Since then, the gloves have come off." (Reporting by Joseph Menn and Christopher Bing; Editing by Chris Sanders and Grant McCool)

ę Reuters 2021
All news about JBS S.A.
12/01Investor group warns livestock industry needs to do more on methane
11/18JBS Is Entering the Cultivated Protein Market with the Acquisition of Biotech Foods and..
11/18JBS S.A. agreed to acquire an unknown majority stake in Biotech Foods SL for ?36 millio..
11/17Brazil's JBS agrees to buy Spanish lab meat firm in $100 mln push into sector
11/17JBS S.A. : Ex-dividend day for interim dividend
11/12JBS S A : Apresentação Institucional incluindo resultados do 3T21
11/10LIVESTOCK-CME hog futures rise on U.S. program to speed slaughtering
11/10JBS 3Q Profit Rose as Sales in U.S., Brazil Jumped
11/10Asia's growing appetite for beef helps Brazil's JBS to earnings beat
11/10JBS S.A. Reports Earnings Results for the Third Quarter and Nine Months Ended September..
More news
Analyst Recommendations on JBS S.A.
More recommendations
Sales 2021 330 B 58 452 M 58 452 M
Net income 2021 14 622 M 2 587 M 2 587 M
Net Debt 2021 51 294 M 9 075 M 9 075 M
P/E ratio 2021 5,33x
Yield 2021 6,74%
Capitalization 77 809 M 13 760 M 13 766 M
EV / Sales 2021 0,39x
EV / Sales 2022 0,37x
Nbr of Employees 250 000
Free-Float 33,2%
Chart JBS S.A.
Duration : Period :
JBS S.A. Technical Analysis Chart | JBSS3 | BRJBSSACNOR8 | MarketScreener
Technical analysis trends JBS S.A.
Short TermMid-TermLong Term
Income Statement Evolution
Mean consensus BUY
Number of Analysts 13
Last Close Price 33,41 BRL
Average target price 47,59 BRL
Spread / Average Target 42,4%
EPS Revisions
Managers and Directors
Gilberto Tomazoni Chief Executive & Operating Officer
Guilherme Perboyre Cavalcanti Chief Financial & Investor Relations Officer
Jeremiah Alphonsus O'Callaghan Chairman
Eliseo Santiago Perez Fernandez Director-Administration & Control
Cledorvino Belini Independent Director
Sector and Competitors
1st jan.Capi. (M$)
JBS S.A.41.21%13 760
TYSON FOODS, INC.28.18%30 131
WH GROUP LIMITED-26.62%7 852