Security startup Norse Corp has gone ominously dark.

The outfit, famous for picking scabs from FreeBSD and mesmerising users with a “live DDoS map”, isn't contactable on the Web right now.

Early in January, The Register reported layoffs in the business, amounting to as much as half its staff at the time.

Now, Brian Krebs reports that the CEO had been asked to step down, replaced by board member Howard Bain and he speculates that a forced merger might be on the cards.

The company was also accused of faking some of its attack data, with Dragos Security's Robert Lee saying it had invented Iranian attack numbers in 2015.

Lee wrote in Christian Science Monitor that Norse "made claims of 500,000 attacks on industrial control systems by Iran in the past 24 months although only 47 of those were targeted against US Internet addresses.

"The report was confusing but the data clearly revealed that the "attacks" from Iranian Internet addresses were actually Internet scans from locations such as Iranian universities and hospitals," he continued.

Krebs quotes former Norse Corp data scientist Mary Landesman as saying the data behind the attack map was “disappointing”.

“The data isn’t great, and it’s pretty much the same thing as if you looked at Web server logs that had automated crawlers and scanning tools hitting it constantly,” Krebs quotes Landesman. “But if you know how to look at it and bring in a bunch of third-party data and tools, the data is not without its merits, if not just based on the sheer size of it.”

With both the company's corporate site and its “attack map” offline, it seems Norse has gone TITSUP (total inability to support usual performance), and Krebs says unnamed sources have told him its assets will be merged with SolarFlare, which shares some of its investors.

Krebs also outlines a history of shell companies behind Norse Corp, stretching back to the late 1990s, along with accusations of misbehaviour The Register isn't in a position to verify. ®