RAMP is a Russian-language forum that debuted in July 2021 and has drawn a lot of interest from researchers and cybercriminals alike.
The forum was created on the same domain that previously housed the Babuk ransomware data leak site and then the Payload.bin data leak site.
The RAMP hacking community, which encourages Mandarin-speaking actors to join in talks, share suggestions, and coordinate on assaults, is where these attempts to attract Chinese threat actors are most visible.
High-ranking users and RAMP administrators are now actively attempting to connect with new forum members in machine-translated Chinese, according to a new investigation by Flashpoint.
According to reports, the forum has received at least thirty new user registrations from China, indicating that this may be the start of something significant.
What Is Happening?
It appears that Russian ransomware gangs are seeking to form partnerships with Chinese players in order to undertake cyber-attacks against American targets, exchange vulnerabilities, or even recruit fresh talent for their Ransomware-as-a-Service (RaaS) operations.
According to BleepingComputer, the project was begun by Kajit, a RAMP administrator who claims to have spent time in China and speaks the language.
In October, an XSS user replied to a thread with a Chinese-language ad