JBS Foods, the world’s largest meatpacking enterprise, declared this week that it paid an $11 million ransom to REvil ransomware threat actors following a cyberattack that forced the company to shut down production at several sites worldwide, affecting production facilities from United States, Australia, and Canada.

In a recent statement, the meatpacking organization declared it ultimately paid the requested ransom in order to keep their stolen information from being leaked online and reduce any unanticipated issues related to the cyberattack.

Andre Nogueira, CEO, JBS USA stated:

This was a very difficult decision to make for our company and for me personally. However, we felt this decision had to be made to prevent any potential risk for our customers.


At first, REvil Ransomware Attackers Asked For A $22.5 Million Ransom

According to BleepingComputer, a negotiation between the REvil ransomware gang and the meat producer JBS started at the beginning of this month.

The REvil ransomware attackers threatened JBS saying that their data will be leaked online if the company failed to pay a $22.5 million ransom.

We want to inform that your company’s local network has been hacked and encrypted. We have all your local network data. The Price to unlock is $22,500,000.

Now we’re keeping it a secret, but if you do not reply us within 3 days it will be posted on our news site. Think about the financial damage to your stock price from this publication.


When asked by the JBS company spokesperson to show the data that has been stolen during the cyberattack, the threat actors declined his request being aware of the global attention this attack was receiving.

“After analyzing the available information, my boss came to the conclusion that the transfer of files will take place only after payment.”

As stated by JBS, it was essential for them to receive the ransomware decryptor to decrypt two specific databases as the rest of the data was being restored from backups.

The two parties eventually agreed to an $11 million payment made in cryptocurrency and sent the same day the negotiation started. Following the payment, the REvil ransomware gang gave JBS the decryptor.

REvil decryptor available after ransom was paid by JBS


JBS is not the only organization paying a huge amount of money to ransomware threat actors, Colonial Pipeline paid the hackers nearly $5 million in cryptocurrency in return for a decryption key to restore its systems. 

U.S. Attorney General Merrick Garland on Wednesday warned that ransomware cyberattacks are “getting worse and worse,” echoing concerns of White House officials who have organized emergency gatherings to brainstorm responses to the national security threat.

Heimdal Official Logo
Neutralize ransomware before it can hit.

Heimdal™ Ransomware Encryption Protection

Specifically engineered to counter the number one security risk to any business – ransomware.
  • Blocks any unauthorized encryption attempts;
  • Detects ransomware regardless of signature;
  • Universal compatibility with any cybersecurity solution;
  • Full audit trail with stunning graphics;
Try it for FREE today 30-day Free Trial. Offer valid only for companies.

REvil Ransomware Responsible for the JBS Attack, FBI Says

World’s Largest Meat Processing Company JBS Hit by Cyberattack

Colonial Pipeline Hit with A Cyberattack Involving Ransomware [Updated]

Leave a Reply

Your email address will not be published. Required fields are marked *