Two more ransomware operators appear to have disappeared from the web, a cybersecurity researcher said on May 16, in another potential aftershock following this month's hack of U.S. fuel transport company Colonial Pipeline.
The sites, run by groups dubbed "AKO" and "Everest", appear to have become unreachable over the weekend, according to Allan Liska, a researcher with cybersecurity firm Recorded Future.
And while hackers’ websites can often be unstable "it's unusual to see two of the bigger names go down for 24 hours," Liska told Reuters. "That makes me think it's a conscious choice to take their site offline."
The move follows the disappearance of the DarkSide digital extortion gang, the group blamed for paralyzing the country's largest fuel pipeline network and sending a wave of panic-buying up and down the East Coast.
The company's pipeline restarted on Thursday after being shut for nearly a week.
Other ransomware groups—who make money by scrambling companies' data and demanding hefty payments in digital currency to unlock it—have said they were shutting down or scaling back operations as the U.S. government ramped up pressure. Groups such as "Avaddon" and "REvil," for example, have said they would be steering clear of government, nonprofit, or healthcare sectors.
It remains unclear whether the retreat is due to U.S. diplomatic pressure, legal demands on technology providers or even government-backed hacking. The FBI did not immediately return a message seeking comment on the disappearance of the ransomware operators' websites.
Liska said previous declarations by ransomware gangs that certain targets were off-limits in the early days of the coronavirus pandemic did not last long.
"We've seen this song-and-dance before," Liska said. "It remains to be seen whether this is something they're going to follow through on or whether they're putting out releases to get good press."
Recommended Reading
TotalEnergies Awards SBM Offshore FPSO GranMorgu Development Contract
2024-11-15 - SBM will construct and install a floating production, storage and offloading vessel for TotalEnergies alongside its partner Technip Energies, the company said.
GeoPark Announces Production Start at Argentina’s Confluencia Norte
2024-11-12 - GeoPark expects production at the Confluencia Norte Block in Rio Negro, Argentina to reach its peak within 90 days of startup.
Interoil Extends Asset Life with Successful Well Intervention in Colombia
2024-11-11 - Interoil’s intervention brought production at Vikingo well back up to 400 bbl/d of oil.
E&P Highlights: Nov. 11, 2024
2024-11-11 - Here’s a roundup of the latest E&P headlines, including Equinor’s acquisition of a stake in a major project and a collaboration between oilfield service companies.
TGS Awards First 3D Streamer Contract for Summer 2025
2024-11-11 - The contract for TGS’ first 3D streamer acquisition for Northwest Europe’s summer season will begin in May 2025.