Ransomware Negotiator Admits Aiding Hackers
2 min read
A former cybersecurity negotiator has admitted to secretly helping ransomware hackers carry out attacks—while pretending to assist the very victims he was hired to protect.
Angelo Martino, who previously worked at DigitalMint, pleaded guilty to charges linked to cyber extortion, according to an announcement from the U.S. Justice Department on Monday. Prosecutors say Martino played a double game in at least five ransomware incidents, ultimately helping criminals increase their payouts.
Playing Both Sides
Martino’s role was supposed to be straightforward: negotiate with hackers on behalf of companies hit by ransomware attacks. Instead, authorities say he passed sensitive details back to the attackers themselves.
That included critical information such as victims’ insurance coverage limits and negotiation strategies—details that allowed cybercriminals to demand higher ransom payments. In return, Martino received a share of the profits.
Officials described his actions as a serious breach of trust within the cybersecurity industry. Assistant Attorney General A. Tysen Duva said Martino’s clients relied on him during high-stress cyber incidents, only to be betrayed from within.
Inside the BlackCat Operation
The attacks were linked to ALPHV/BlackCat, a well-known ransomware-as-a-service operation. In this model, the core group develops malware, while affiliates carry out attacks and share the ransom proceeds.
According to prosecutors, Martino didn’t just leak information—he also helped deploy ransomware. Alongside others, he allegedly acted as an affiliate for ALPHV/BlackCat for about six months in 2023, targeting victims across the United States.
During that period, the group earned over $1.2 million from a single victim, highlighting the scale of the scheme.
Wider Investigation
Martino is not alone. Authorities had previously charged two other individuals connected to similar activities: Kevin Tyler Martin, another former DigitalMint worker, and Ryan Clifford Goldberg from cybersecurity firm Sygnia.
At the time, prosecutors mentioned a third unnamed participant. That individual has now been identified as Martino.
Legal Consequences
Martino has pleaded guilty to extortion and now faces up to 20 years in prison. Authorities have already seized around $10 million in assets linked to the case.
DigitalMint stated it had no prior knowledge of the misconduct and terminated the employees involved once the allegations came to light.
Crackdown on Ransomware
The case comes amid broader efforts to dismantle ransomware networks. In 2023, an international law enforcement coalition took down the dark web infrastructure used by ALPHV/BlackCat and released a decryption tool that helped more than 500 victims recover their data.
A Warning for the Industry
This case underscores a growing concern: insider threats within cybersecurity itself. As ransomware attacks become more sophisticated, trust in those defending against them is more critical than ever.
For companies facing cyberattacks, the lesson is clear—security isn’t just about stopping hackers on the outside, but also ensuring integrity on the inside.
Also read : WhatsApp Tests Paid ‘Plus’ Plan With Cosmetic Perks
