The hackers who disrupted gas delivery across the Southeast for six days and were paid a $5 million ransom in Bitcoin to restore the largest U.S. fuel pipeline, announced that they were shutting down after their servers were seized and someone drained the cryptocurrency from their account.

Georgia-based Colonial Pipeline Co. paid almost $5 million to Eastern European ransomware group The DarkSide, despite earlier reports that the company had no intention of paying an extortion fee to help restore the fuel pipeline, according to people familiar with the transaction.

A website operated by DarkSide has been down since Thursday, Wall Street Journal reported. DarkSide said its work had been disrupted and it had lost access to the infrastructure used to run its operation. It claimed to be under pressure from the U.S. and law enforcement, according to security firms FireEye and Intel 471.

Colonial Pipeline paid the $5 million ransom in cryptocurrency within hours of the May 7 attack, Bloomberg reported. People familiar with the matter said the company was under pressure to get gas and jet fuel moving again to major cities on the East coast. The U.S. government was aware that Colonial made the payment.

When they received the ransom, the hackers gave Colonial Pipeline a decrypting tool to restore its disabled computers. However, the tool was so slow that the company had to use its own backups to help restore the system.

Colonial said it began to shipping fuel again around 5 p.m. ET Wednesday.

President Joe Biden said Thursday that he expected to speak to Russian President Vladimir Putin about the country tolerating criminal hacking enterprises. Cybersecurity experts and U.S. officials have said cybercrime originating from Russia has flourished for years, Wall Street Journal reported.

Listen to GHOGH with Jamarlin Martin | Episode 74: Jamarlin Martin Jamarlin returns for a new season of the GHOGH podcast to discuss Bitcoin, bubbles, and Biden. He talks about the risk factors for Bitcoin as an investment asset including origin risk, speculative market structure, regulatory, and environment. Are broader financial markets in a massive speculative bubble?

It is not uncommon for ransomware groups such as DarkSide to disappear then re-emerge later under a different name later.

Ransomware is part of an emerging and profitable criminal industry that generated more than $400 million in 2020, according to blockchain research firm Chainalysis. Hacking groups have reinvented how criminal networks extort victims. Security researchers describe the field as ransomware-as-a-service. The industry makes its money illegally by providing work for affiliate hackers who deploy itsr illegal software and extort victims using a well-designed web interface.

The affiliates are the ones who break into corporate networks, and they get around 75 percent of the ransom money, according to FireEye. DarkSide writes the software, bills the victims, hosts stolen data, and handles tech support and media relations, researchers told Wall Street Journal.