The cyber actors behind the Nemty ransomware-as-a-service operation are reportedly folding up shop as they concentrate their efforts on a newly launched malicious encryptor.

The decision to shut down Nemty could leave some individuals in a lurch. As of April 14, the cybercriminals are giving victims one week to pay their ransom and receive a decryption key before Nemty’s payment infrastructure is supposedly dismantled. This ticking clock could coerce some panicked victims to hastily pay up.

The Nemty group made the announcement yesterday via the Exploit hacking forum, ZDNet has reported.

Nemty debuted in the summer of 2019 and its operators had only recently taken steps to copy the tactics of other ransomware groups that now not only encrypt data, but also exfiltrate and publish it online.

According to the news report, Nemty shut down for numerous reasons: it was less popular than competing ransomware, its reputation suffered after three of its versions were decrypted by researchers, and the cybercriminals behind the RaaS offering started their efforts anew last month with a rebranded ransomware program called Nefilim, which is based on Nemty’s code.