ACCORDING to the U.S. Attorney’s Office for the Southern District of Florida and the Computer Crime and Intellectual Property Section of the Department of Justice, the seizure targeted RAMP, the Russian Anonymous Marketplace, and included its clear net and .onion sites. The operation followed years during which RAMP had become a go-to forum and marketplace used by ransomware operators, brokers, developers and affiliates after other Russian-language forums were banned.
A WHOIS lookup of ramp4u[.]io shows that the domain information was updated on 28 January, and the domain’s nameservers now point to FBI’s well-known nameservers, ns1.fbi.seized[.]gov and ns2.fbi.seized[.]gov. Over on XSS, Stallman, widely believed to be the admin of RAMP, posted a notice about the seizure, including a message that hinted at continuing dealings. As of publication, the DOJ has not issued any press release about the takedown.
The article notes that a joining fee of $500.00 existed for those not grandfathered into RAMP, and suggests the seizure leaves a gap to be filled in the ransomware community.