The criminal group linked to a cyberattack that disrupted gasoline delivery across parts of the southeastern U.S. this week has told hacking associates that it is shutting down, according to security research firms.
A website operated by ransomware group DarkSide, which U.S. officials have said they believe originates in Eastern Europe, has been down since Thursday.
DarkSide has told associates it has lost access to the infrastructure it uses to run its operation and would be closing, citing disruption from a law-enforcement agency and pressure from the U.S., according to security firms FireEye and Intel 471.
DarkSide didn’t respond to requests for comment earlier in the week made through its web site before it was shut down.
It isn’t uncommon for ransomware groups such as DarkSide to disband, only to pop up later under a different name. It couldn’t be determined if the U.S. had any role in DarkSide’s claimed disruption or if the disruption was authentic. It is also possible DarkSide plans to close and simply reopen under another name.