A former U.S. ransomware negotiator has been sentenced to four years in federal prison after admitting he secretly worked with the notorious BlackCat (ALPHV) ransomware gang while pretending to help victims recover from cyberattacks.

Kevin Martin, who previously worked as a ransomware negotiator at cybersecurity company DigitalMint, received the prison sentence alongside former Sygnia incident response manager Ryan Goldberg. U.S. prosecutors said the pair used their positions in the cybersecurity industry to carry out ransomware attacks against multiple American organizations in 2023 instead of protecting them.

According to the U.S. Department of Justice, Martin and Goldberg acted as affiliates of the BlackCat ransomware operation, deploying malware, stealing sensitive data, and demanding cryptocurrency payments from their victims. In one attack, a medical device company paid approximately $1.2 million in Bitcoin. The attackers then shared a portion of the ransom with the BlackCat operators and laundered the remaining funds.

Authorities said the case became even more alarming because the defendants were trusted cybersecurity professionals with direct access to sensitive victim information. Their insider knowledge allowed them to exploit organizations that had hired them for protection during ransomware incidents.

A third co-conspirator, former DigitalMint negotiator Angelo Martino, previously pleaded guilty to secretly providing BlackCat attackers with confidential information, including victims’ cyber insurance limits and internal negotiation strategies, helping the gang demand larger ransom payments. His sentencing took place separately after prosecutors seized millions of dollars in assets connected to the scheme.

READ
Hackers Begin Exploiting Critical Adobe ColdFusion Flaw Just Hours After Patch Release


Buy ExpressVPN with PayPal or Credit Card
Advertisement