More ransomware websites disappear after Colonial Pipeline hack | Inquirer
 
 
 
 
 
 

More ransomware websites disappear after Colonial Pipeline hack

/ 06:50 AM May 17, 2021

Two more ransomware operators appear to have disappeared from the web, a cybersecurity researcher said on Sunday, in another potential aftershock following this month’s hack of U.S. fuel transport company Colonial Pipeline.

The sites, run by groups dubbed “AKO” and “Everest”, appear to have become unreachable over the weekend, according to Allan Liska, a researcher with cybersecurity firm Recorded Future.

And while hackers’ websites can often be unstable “it’s unusual to see two of the bigger names go down for 24 hours,” Liska told Reuters. “That makes me think it’s a conscious choice to take their site offline.”

The move follows the disappearance of the Dark Side digital extortion gang, the group blamed for paralyzing the country’s largest fuel pipeline network and sending a wave of panic-buying up and down the East Coast.

Your subscription could not be saved. Please try again.
Your subscription has been successful.

Subscribe to our daily newsletter

By providing an email address. I agree to the Terms of Use and acknowledge that I have read the Privacy Policy.

The company’s pipeline restarted on Thursday after being shut for nearly a week.

More ransomware websites disappear in aftermath of Colonial Pipeline hack

Holding tanks are seen in an aerial photograph at Colonial Pipeline’s Dorsey Junction Station in Woodbine, Maryland, U.S. May 10, 2021. REUTERS/Drone Base/File Photo

Other ransomware groups – who make money by scrambling companies’ data and demanding hefty payments in digital currency to unlock it – have said they were shutting down or scaling back operations as the U.S. government ramped up pressure. Groups such as “Avaddon” and “Revil,” for example, have said they would be steering clear of government, nonprofit, or healthcare sectors.

It remains unclear whether the retreat is due to U.S. diplomatic pressure, legal demands on technology providers or even government-backed hacking. The FBI did not immediately return a message seeking comment on the disappearance of the ransomware operators’ websites.

ADVERTISEMENT

Related Articles

Best Online Workouts at Home

Free Web Apps to Brand Your Business

Liska said previous declarations by ransomware gangs that certain targets were off-limits in the early days of the coronavirus pandemic did not last long.

“We’ve seen this song-and-dance before,” Liska said. “It remains to be seen whether this is something they’re going to follow through on or whether they’re putting out releases to get good press.”

(Reporting by Raphael Satter; Editing by Daniel Wallis)

Want stories like this delivered straight to your inbox? Stay informed. Stay ahead. Subscribe to InqMORNING

Don't miss out on the latest news and information.
TAGS: cyber crime, Oil, Ransomware Attack
For feedback, complaints, or inquiries, contact us.
Your subscription could not be saved. Please try again.
Your subscription has been successful.

Subscribe to our newsletter!

By providing an email address. I agree to the Terms of Use and acknowledge that I have read the Privacy Policy.




This is an information message

We use cookies to enhance your experience. By continuing, you agree to our use of cookies. Learn more here.