Ransomware Negotiator Sentenced for BlackCat Ransomware Operators to Attack Victims

Ransomware Negotiator Sentenced for BlackCat Ransomware Operators to Attack Victims










A former Florida ransomware negotiator has been sentenced to 70 months in federal prison after conspiring with BlackCat/ALPHV ransomware operators and helping attack multiple U.S. victims.

Angelo Martino, of Land O’Lakes, Florida, worked for a U.S.-based cyber incident response company. His role was to help organizations recover from ransomware incidents and negotiate with threat actors.

Instead, prosecutors said he abused his access to confidential client information to assist the same cybercriminals targeting those victims.

According to the U.S. Department of Justice, Martino began working with BlackCat actors in April. He reportedly gave the ransomware group sensitive details about victims’ negotiation strategies, financial positions, and planned ransom responses.

BlackCat Ransomware Negotiator Sentenced

This intelligence enabled the attackers to increase pressure on victims and seek higher payments. The BlackCat ransomware operation, also known as ALPHV, operated as a ransomware-as-a-service platform.

Its developers supplied malware and infrastructure to affiliates, who conducted network intrusions, stole data, encrypted systems, and demanded cryptocurrency payments.

The group became one of the most disruptive ransomware operations targeting organizations worldwide. Martino also conspired with Kevin Martin of Texas and Ryan Goldberg of Georgia, both former cybersecurity professionals.

Between April and November, the three men deployed BlackCat ransomware against additional U.S. organizations. Prosecutors said they successfully extorted one victim for approximately million in Bitcoin.

The conspirators split their share of the ransom payment into three portions. They used various methods to launder the cryptocurrency proceeds.

Martino pleaded guilty on April to one count of conspiracy to interfere with interstate commerce through extortion. Martin and Goldberg were previously sentenced to months in prison on May.

Law enforcement has seized more than million in assets linked to Martino. The seized property includes digital currency, vehicles, a food truck, and a luxury fishing boat.

Authorities said the assets were acquired through proceeds from the extortion scheme. A restitution hearing is scheduled for September. The case highlights an insider threat that can emerge during ransomware response efforts.

Incident response providers often receive highly sensitive information, including ransom affordability assessments, insurance details, recovery plans, internal communications, and negotiation limits.

Unauthorized disclosure of that information can directly improve an attacker’s ability to extort a victim. The FBI Miami Field Office led the investigation with support from the U.S. Secret Service.

The prosecution is part of Operation Riptide, an FBI campaign focused on cybercrime actors, infrastructure, financial networks, and fraud operations. The Justice Department previously disrupted BlackCat’s infrastructure in December.

During that operation, the FBI developed a decryption tool that helped hundreds of victims restore encrypted systems and reportedly prevented approximately million in ransom payments.

Stop Accepting SLAs Written for 2019 SOCs – Here’s the 2026 AI SLA Vendor ChecklistDownload Free AI SOC SLA Guide

The post Ransomware Negotiator Sentenced for BlackCat Ransomware Operators to Attack Victims appeared first on Cyber Security News.






Abinaya





Go to cyber-security-news





Posted

in

, ,

by