Former ransomware negotiator pleads responsible to BlackCat assaults

41-year-old Angelo Martino, a former worker of cybersecurity incident reaction corporate DigitalMint, has pleaded responsible to focused on U.S. firms in BlackCat (ALPHV) ransomware assaults in 2023.

Along with two different Sygnia and DigitalMint ransomware negotiators (33-year-old Ryan Clifford Goldberg and 28-year-old Kevin Tyler Martin), Martino used to be charged with conspiracy to intervene with interstate trade via extortion, interference with interstate trade via extortion, and intentional harm to safe computer systems.

Martino used to be first of all known handiest as “Co-Conspirator 1” in an October 2025 indictment, however used to be named in court docket paperwork unsealed in March. Martin and Goldberg additionally pleaded responsible to conspiracy to hinder trade via extortion and are going through as much as two decades in jail each and every.

In keeping with court docket paperwork, whilst operating as a negotiator for 5 sufferers, Martino shared confidential details about the sufferers’ negotiation positions and insurance coverage limits with BlackCat ransomware operators, serving to the cybercriminals extort the utmost imaginable quantity.

Between April 2023 and April 2025, he used to be additionally thinking about BlackCat ransomware assaults along accomplices Kevin Tyler Martin and Ryan Goldberg.

Whilst working as BlackCat associates, the 3 defendants demanded ransom bills and threatened sufferers to leak information stolen ahead of encrypting their methods. Prosecutors added that the 3 accomplices paid the BlackCat directors a 20% proportion of all ransoms proceeds for get entry to to the ransomware and extortion portal.

Their sufferers incorporated no less than 5 U.S. organizations, amongst them a monetary products and services company that paid $25,660,000 and a nonprofit that paid a $26,793,000 ransom, in addition to regulation corporations, college districts, scientific amenities, and different monetary products and services firms.

DigitalMint CEO Jonathan Solomon instructed BleepingComputer that the corporate condemned the former malicious habits and famous that Martin and Martino have been fired after their movements have been came upon.

“We strongly condemn those former workers’ prison conduct, which violated our values, moral requirements, and the regulation. Once we discovered in regards to the habits, we right away terminated each people,” Solomon stated.

The BlackCat ransomware operation has been connected via the FBI to greater than 60 breaches between November 2021 and March 2022. In a separate advisory, the bureau added that the cybercrime gang amassed no less than $300 million in ransom bills from over 1,000 sufferers thru September 2023.