It has been announced that the FBI has seized the notorious RAMP cybercrime forum, a platform used to advertise a wide range of malware and hacking services, and one of the few remaining forums that openly allowed the promotion of ransomware operations. Below, experts at Talion and CybaVerse respond to the news.
Daniel Wilcock, threat intelligence analyst at Talion, said: “The news that the FBI has seized this domain is a big win for law enforcement and will likely have a significant impact on the operators behind the site, and its customers.
“However, while the operator claims to have no plans to rebuild another marketplace, other criminals are likely to turn to alternative underground markets to support their crimes.
“This means that while RAMP has been taken down, which will create some inconveniences for its users, its impact on the overall cyber crime ecosystem will be limited.
“But all is not lost.
“While this doesn’t signal the end of ransomware, law enforcement will be able to gain valuable information from the seizure around the threat actors using the services, such as their emails and IP addresses plus access to the financial transactions that took place on the market.
“This could support further law enforcement action against the threat actors that used the site, but given that RAMP was heavily used by Russian criminals it’s highly unlikely we will see many actual arrests.”
Ben Clarke, SOC Manager at CybaVerse, said: “RAMP was a highly successful dark web forum that catered heavily towards Russian-speaking threat actors. The marketplace was launched in 2012 and it has become one of the most active forums for the maliciously minded, while delivering significant profits for its operators.
“The reason for its success was that it offered criminals with a marketplace supporting the entire attack chain, from the ability to buy stolen credentials, promote malware or sell and purchase ransomware services.
“Anything to disrupt this activity is a positive step for defenders But we would be naive to believe it will a tangible impact on cyber crime.
“New marketplaces will be formed to take RAMP’s place, while threat actors will navigate to other platforms to buy and sell services.
“But the seizure does highlight that criminals have no place to hide, regardless of where their sites are hosted.”
For more cybersecurity news, click here
