ADVERTISEMENT

After FBI’s RAMP seizure, cybercriminals scatter as mistrust spreads on dark web forums

Cybercriminals are already beginning to scatter across alternative platforms following the FBI seizure of RAMP, a long-running underground forum used by ransomware-as-a-service gangs, extortionists and initial access brokers.

Masha winking FBI

Image by Cybernews

Ann-Marie Corvin
Ann-Marie Corvin Senior Journalist
Jan 30, 2026 Updated: 2 February 2026 3 min read
Jurgita Lapienyte justinasv Izabele Pukenaite vilius Ernestas Naprys Gintaras Radauskas
Don't miss our latest stories on Google News
Add us as your Preferred Source on Google.
RAMPtakedown-source-sophos
FBI's seizure mocks forum's identity, declaring: "The Only Place Ransomware Allowed!" with image of Masha. Screengrab from Sophos.

History of RAMP

No honor among thieves

ADVERTISEMENT
"Their post has been met by mixed responses, including praise for their efforts, as well as blame and even accusations that Stallman was involved in the takedown in some way. This remains speculatory."
Rebecca Taylor, threat intelligence researcher, Sophos
TOR Zireael
Persona/alias Tor Zireael shares what they claim to be the admin panel and user list of the RAMP forum. Screengrab from Sophos which adds the post and attachments are yet to be validated

Short-lived victory, constant game of whack-a-mole

“Shutting down sites like RAMP is often described as a game of whack-a-mole, but taking a platform like this offline does slow cybercriminal growth and creates a real barrier for newer entrants into cybercrime."
Danny Jenkins, CEO, ThreatLocker
ADVERTISEMENT