A third person hired as a ransomware negotiator has pleaded guilty to conducting ransomware attacks against U.S. companies in 2023.
Angelo Martino, 41, of Land O’Lakes, Florida, worked with the operators of BlackCat ransomware starting in April 2023 to help the electronic crime syndicate extract larger amounts of ransom money.
“Mr. Martino worked as a negotiator on behalf of five different ransomware victims and provided confidential information about his clients’ negotiating positions and strategies to the BlackCat actors without the knowledge or permission of his clients or employers,” the U.S. Department of Justice (DoJ) said in a statement Monday.
The amount of ransom that must be paid was maximized based on information such as the victim’s insurance policy limit and internal negotiation position. Mr. Martino received financial compensation in exchange for providing details.
Martino, who was indicted last month, also admitted that he worked with two other incident responders, Ryan Goldberg and Kevin Martin, to successfully deploy BlackCat ransomware to multiple victims in the United States from April 2023 to November 2023. Mr. Martino and Mr. Martin worked at DigitalMint, and Mr. Goldberg was an incident response manager at cybersecurity firm Sygnia.
In one case, the defendants successfully extorted approximately $1.2 million in Bitcoin from one victim, then divided the illegal proceeds among themselves and laundered the money through various means. Authorities seized assets totaling $10 million from Martino, including digital currency, cars, a food truck, and a luxury fishing boat.
Martino pleaded guilty to one count of conspiracy to obstruct, delay, or influence the movement of goods or merchandise in commerce or commerce by extortion. He is scheduled to be sentenced on July 9, 2026, and could face up to 20 years in prison.
Martin and Goldberg are expected to plead guilty in December 2025 and be sentenced later this month. Like Martino, both men could be sentenced to up to 20 years in prison.
“Angelo Martino’s clients trusted him to respond to ransomware threats and to stop them and provide redress on behalf of victims,” said Assistant Attorney General A. Theisen Duba of the Justice Department’s Criminal Division. “Instead, he betrayed them and launched a ransomware attack himself, assisting cybercriminals and harming the victims, his own employer, and the cyber incident response industry itself.”
Source link
