Politics
Cybersecurity

Hacking Outfit Linked to Russia Is Behind JBS Cyberattack

  • REvil took credit for assault on hardware supplier Quanta
  • JBS reports ‘significant progress’ in restoring operations
WATCH: A cyberattack on JBS SA, the largest meat producer globally, has forced the shutdown of some of world’s largest slaughterhouses.(Source: Bloomberg)
Contact us:
Provide news feedback or report an error
Confidential tip?
Send a tip to our reporters
Site feedback:
Take our SurveyNew Window
By , , and
Lock
This article is for subscribers only.

A notorious Russia-linked hacking group is behind the cyberattack against JBS SA, according to four people familiar with the assault who were not authorized to speak publicly on the matter. The cyber gang goes by the name REvil or Sodinokibi.

While it’s unclear if all of REvil’s hackers operate in Russia, the group’s public face, a user on the dark web cyber-crime forum XSS who goes by the name “Unknown,” exclusively publishes in Russian. REvil typically uses a darkweb blog called “Happy Blog” to name victims when they decline to engage in ransom negotiations. REvil has yet to post a blog item dedicated to JBS.

HomeBTV+Market DataOpinionAudioOriginalsMagazineEvents
News
MarketsEconomicsTechnologyPoliticsGreenCryptoAI
Work & Life
WealthPursuitsBusinessweekCityLabSportsEqualityManagement & Work
Market Data
StocksCommoditiesRates & BondsCurrenciesFuturesSectorsEconomic Calendar
Explore
NewslettersExplainersPointed News QuizAlphadots GameThe Big TakeGraphicsSubmit a TipAbout Us
Terms of ServiceTrademarksPrivacy Policy
CareersAdvertise
Ad Choices
Help©2026 Bloomberg L.P. All Rights Reserved.