Overview
- Both the clearnet and Tor versions of RAMP now display FBI–DOJ seizure notices, with nameservers switched to ns1.fbi.seized.gov and ns2.fbi.seized.gov on January 28.
- The banner credits coordination with the U.S. Attorney’s Office for the Southern District of Florida and DOJ’s CCIPS, and directs tips to IC3.gov.
- An alleged insider known as “Stallman” acknowledged on the XSS forum that RAMP was fully compromised and said there are no plans to rebuild.
- Authorities have not announced any arrests, and security researchers say access to emails, IPs, messages, and transactions could support future cases.
- RAMP, relaunched in 2021 as a ransomware-friendly hub and linked to aliases used by indicted operator Mikhail Matveev, is expected to push users toward alternative forums such as Rehub.