Websites by Russia-linked ransomware group REvil became unreachable on Tuesday, sparking widespread speculation that the group had been knocked offline.
REvil has collected tens of millions of dollars in ransom payments in return for restoring computer systems it's hacked.
In recent weeks it claimed responsibility for a ransomware attack on U.S. IT firm Kaseya, affecting up to 1,500 businesses worldwide.
It was unclear whether REvil's disappearance was a momentary fluke or whether the hackers had been removed from the internet by someone else.
Vanishing acts are common in the ransomware world, where gangs tend to disappear and rebrand when they begin attracting too much heat.
REvil has already been drawing top-level U.S. government attention, and pressure has been mounting on Washington to take more decisive action against REvil and similar groups.
The U.S. has been hit by a string of high-profile hacks by ransom-seeking cybercriminals, including an intrusion into Colonial Pipeline which disrupted gasoline deliveries across the East Coast.
President Joe Biden hinted on Friday the United States could soon take more aggressive action on ransomware, saying it made sense to retaliate against the Russian servers used in those attacks.
The White House declined to comment while an attempt to reach REvil was unsuccessful.