More ransomware websites disappear in aftermath of Colonial Pipeline hack

FILE PHOTO: A man types on a computer keyboard in this illustration picture taken February 28, 2013. REUTERS/Kacper Pempel/File Photo/File Photo

WASHINGTON (Reuters) - Two more ransomware operators appear to have disappeared from the web, a cybersecurity researcher said on Sunday, in another potential aftershock following this month's hack of U.S. fuel transport company Colonial Pipeline.

The sites, run by groups dubbed "AKO" and "Everest", appear to have become unreachable over the weekend, according to Allan Liska, a researcher with cybersecurity firm Recorded Future.

And while hackers' websites can often be unstable "it's unusual to see two of the bigger names go down for 24 hours," Liska told Reuters. "That makes me think it's a conscious choice to take their site offline."

The move follows the disappearance of the DarkSide digital extortion gang, the group blamed for paralyzing the country's largest fuel pipeline network and sending a wave of panic-buying up and down the East Coast.

The company's pipeline restarted on Thursday after being shut for nearly a week.

Other ransomware groups - who make money by scrambling companies' data and demanding hefty payments in digital currency to unlock it - have said they were shutting down or scaling back operations as the U.S. government ramped up pressure. Groups such as "Avaddon" and "REvil," for example, have said they would be steering clear of government, nonprofit, or healthcare sectors.

It remains unclear whether the retreat is due to U.S. diplomatic pressure, legal demands on technology providers or even government-backed hacking. The FBI did not immediately return a message seeking comment on the disappearance of the ransomware operators' websites.

Liska said previous declarations by ransomware gangs that certain targets were off-limits in the early days of the coronavirus pandemic did not last long.

"We've seen this song-and-dance before," Liska said. "It remains to be seen whether this is something they're going to follow through on or whether they're putting out releases to get good press."

(Reporting by Raphael Satter; Editing by Daniel Wallis)

Article type: metered
User Type: anonymous web
User Status:
Campaign ID: 46
Cxense type: free
User access status: 3


Next In Tech News

UK watchdog looking into Apple, Google mobile ecosystems
Foxconn invests $36 million in EV partnership with Gigasolar
‘Doug To The Rescue’: Drone pilot saves animals in global disaster zones
PlayStation’s ‘wishlist’ for Cyberpunk sparks CD Projekt rally
Facebook can’t dodge EU-wide privacy orders, top court rules
Japan's trade minister unapologetic about ministry's dealings with Toshiba
Notorious ‘Anonymous’ hacker nabbed in Mexico, deported to US
EU court backs national data watchdog powers in blow to Facebook, big tech
Apple back in Washington spotlight over Trump-era subpoenas
Exclusive: India to expedite Amazon, Flipkart antitrust probe as tech focus intensifies -sources

Stories You'll Enjoy