The Federal Bureau of Investigation (FBI) has successfully shut down RAMP, an online bazaar that predominantly catered to Russian-speaking users and was infamous for being the 'only place ransomware allowed.' The seizure of both its dark web and clear web platforms underscores the agency's ongoing initiative to confront the escalating threat posed by cybercriminals targeting vital infrastructures worldwide.
As of Wednesday, attempts to access the RAMP domains redirected users to pages indicating that these sites were under the control of the FBI. Once a dwindling number of online crime forums, RAMP operated with near impunity until now, particularly after the closure of platforms like XSS, whose leader was apprehended by Europol last year. RAMP thus emerged as a principal venue for individuals engaged in ransomware and other online illicit activities to trade products and services.
The FBI's action was prominently displayed on a banner featuring the logos of the FBI and the Justice Department. The message noted, 'The Federal Bureau of Investigation has seized RAMP,' and highlighted that this operation was coordinated with the United States Attorney’s Office for the Southern District of Florida and the Department of Justice’s Computer Crime and Intellectual Property Section.
Founded in 2012 and rebranded in 2021, as reported by security firm Rapid 7, RAMP serviced users across Russian, Chinese, and English-speaking communities. It boasted a membership exceeding 14,000, all subjected to rigorous vetting processes or required to pay a $500 fee for anonymous participation. The platform offered discussion forums, cyberattack tutorials, and a marketplace for malware and illicit services. The site’s chief administrator had previously disclosed in 2024 that RAMP generated an annual revenue of $250,000.