The BlackCat ransomware-as-a-service operation’s putative “unseizing” of its leak site from the FBI is a stunt made possible by way the dark web handles address resolution, security researchers said Monday. The stunt was a “tactical error” that could alienate affiliates.

U.S. authorities as part of an international law enforcement operation announced Monday morning that they had seized dark web infrastructure of the BlackCat ransomware-as-a-service group (see: FBI Seizes BlackCat Infrastructure; Group Has New Domain).