FBI takes infamous RAMP ransomware discussion board offline – Cyber Tech

The FBI has seized management of RAMP, a infamous cybercrime on-line discussion board that bragged to be “the one place ransomware allowed.”

Each the discussion board’s presence on the darkish net and on its common web site area now show a discover from the FBI introduced that it has been taken over by the regulation enforcement company.

In keeping with the message posted on the seized web sites, it was seized by the FBI in collaboration with the US Legal professional’s Workplace for the Southern District of Florida and the US Justice Division’s Pc Crime and Mental Property Part (CCIPS).

The seizure banner comes full with a cheeky addition – a winking Masha from the favored Russian kids’s TV cartoon collection “Masha and the Bear.”

Positive sufficient, RAMP’s nameservers now level to ns1.fbi.seized.gov and ns2.fbi.seized.gov, confirming they’ve been seized by US regulation enforcement.

RAMP – the Russian Nameless MarketPlace – first emerged in mid-2021. It rapidly turned fashionable, filling a void within the cybercriminal ecosystem, after different main Russian-language hacking boards banned ransomware-related content material following stress within the aftermath of the Colonial Pipeline assault by the DarkSide gang.

RAMP served as a market the place ransomware operators may recruit associates, the place preliminary entry brokers may promote credentials for compromised enterprise networks, and the place cybercriminals may commerce their stolen knowledge and instruments.

Many notorious ransomware teams, similar to ALPHV/BlackCat, Qilin, DragonForce, and RansomHub would use the RAMP platform to advertise their operations.

The location was definitely fashionable, boasting in extra of 14,000 customers though it requested proof of two months’ exercise on different hacking boards or a US $500 payment to affix.

Issues began to go badly fallacious for RAMP, nevertheless, when one of many people behind the discussion board was named as Russian nationwide Mikhail Matveev (often known as “Orange”, “Wazawaka”, and “BorisElcin.” Matveev was listed on the FBI’s most wished record, and was subsequently (and unusually) arrested in Russia in 2024.

Following the seizure of RAMP, one other of the discussion board’s alleged operators, confirmed the takedown in a posting on one other hacking discussion board.

“This occasion destroyed years of my work to create probably the most free discussion board on the planet, and though I hoped today would by no means come, deep down I at all times understood that it was doable,” wrote “Stallman”. “That is the chance all of us take.”

As Flare experiences, “Stallman” has indicated that the cybercriminal exercise performed by means of RAMP would proceed by means of different channels.

A seizure like this isn’t going to remove ransomware in a single day, nevertheless it does signify a significant disruption of cybercriminal infrastructure, as hackers will probably be pressured emigrate their actions, and will probably be offered with new challenges associated to their operational safety and who they will belief.

In any case, the seizure of RAMP means that the authorities now have entry to the location’s consumer knowledge – which is prone to embody e mail and IP addresses, personal messages, and extra, which may result in arrests within the coming months.