US prosecutors have charged two employees from a cybersecurity company that negotiates ransom payments with hackers for actually launching ransomware attacks on their own.
The Department of Justice recently indicted Kevin Tyler Martin and another unnamed employee from DigitalMint on three counts of computer hacking and extortion. Both men worked as ransomware negotiators but are now accused of turning against their own profession.
Along with them, prosecutors have also charged Ryan Clifford Goldberg, a former incident response manager at the cybersecurity firm Sygnia, for being part of the same criminal scheme. The three allegedly broke into several US companies, stole sensitive data, and deployed ransomware linked to the ALPHV or BlackCat group.
The BlackCat operation runs a ransomware-as-a-service system, meaning the main group creates the hacking tools, while affiliates carry out the attacks and share the ransom profits. Prosecutors say the accused received more than $1.2 million from one victim, a medical device manufacturer based in Florida. Other targets included a drone company in Virginia and a pharmaceutical firm in Maryland.
According to the Chicago Sun-Times, which first reported the story, the FBI’s investigation revealed that the group used their insider knowledge of ransomware defense to exploit businesses instead of protecting them.
Sygnia’s CEO, Guy Segal, confirmed that Goldberg was employed by the company but was fired after his alleged role came to light. DigitalMint president Marc Grens said Martin had worked for the company but was acting completely outside his official duties. Grens also mentioned that the company is fully cooperating with federal investigators.
If this article helped you, please consider supporting our work. Every small contribution keeps Abijita.com independent and running.
