The DarkSide hacking group blamed for the Colonial Pipeline ransomwear attack is shutting down its operations, a report says.
The Eastern European criminal group was linked to the attack that caused major disruption to gasoline delivery across the southeastern United States.
Now cybersecurity firms say that a website operated by the group, which was reportedly paid around $5m in a Bitcoin ransom by Colonial, has been down since Thursday, according to The Wall Street Journal.
DarkSide has also told affiliates that it was disrupted by a law-enforcement agency, reported Intel 471, which is a security firm that protects against cyber crime.
And the group posted that it had lost control of its servers, reported Recorded Future threat intelligence analyst Dmitry Smilyanets.
Joe Biden had promised to take action against the group and the 780th Military Intelligence Brigade, the Army’s offensive cyber operations brigade, posted the Recorded Future report on its official Twitter account.
The president said on Thursday that the White House had been “in direct communication with Moscow about the imperative for responsible countries to take decisive action against these ransomware networks,”
And Mr Biden said that his administration would “pursue a measure to disrupt their ability to operate” and refused to rule out a US cyber operation in response.
There is no evidence of who may have taken action against DarkSide and the US government has not made any comment on the situation yet.
The FBI has declined to comment on whether the US government was responsible for shutting down the DarkSide website.
Observers say it is common for ransomwear groups such as DarkSide to close, only to reopen later under a different identity.
Colonial Pipeline was attacked by the group last week and forced to shut down their operation on 7 May for five days.
DarkSide brought in around $46m in the first quarter of 2021, according to blockchain research firm Chainalysis Inc.
The group issued a statement on Monday, saying it would take greater care in which targets were hit in the future.
“Our goal is to make money and not creating problems for society,” the group wrote on its website.
DarkSide reportedly offers criminal hackers the softwear needed to hold a company to ransom, bills the victim and hosts the stolen data.
They then split the ransom money obtained with the criminal client.