Florida Ransomware Negotiator Convicted for Helping Extort US Companies with BlackCat Ransomware


Source: Zack Whittaker / techcrunch.com

Florida Man Sentenced to Five Years in Prison for Ransomware Scheme

Angelo Martino, a Florida resident and former ransomware negotiator, has been sentenced to more than five years in prison for his involvement in a ransomware scheme that targeted US companies. The U.S. Department of Justice confirmed the sentence on Thursday, highlighting the severity of the crime and the consequences of working with malicious hackers.

As a ransomware negotiator for a U.S. cybersecurity company, Martino allegedly worked with hackers to deploy the BlackCat ransomware against companies in the United States throughout 2023. The scheme involved Martino and his colleagues, including cybersecurity professionals Kevin Martin and Ryan Goldberg, who were earlier jailed for their roles in the scheme.

The investigation revealed that the trio used the BlackCat ransomware to extort companies, with one successful attack netting them around $1.2 million. The funds were then laundered and split among the group, highlighting the lucrative nature of the scheme.

BlackCat Ransomware: A Ransomware-as-a-Service Operation

BlackCat, also known as ALPHV, is a ransomware-as-a-service operation that allows independent hackers, known as affiliates, to rent access to the gang’s file-encrypting malware in exchange for a cut of the profits from cyberattacks. This business model has proven to be highly successful, with the gang responsible for some of the most high-profile ransomware attacks in recent history.

One notable example of the gang’s success is the 2024 data breach at U.S. health technology giant Change Healthcare, which saw the theft of highly sensitive medical and billing data of more than 192 million people in America. While the affiliate hackers responsible for the breach were never identified, the attack highlights the devastating consequences of ransomware attacks and the need for robust cybersecurity measures.

The Rise of Ransomware Insurance

The increasing prevalence of ransomware attacks has led to the creation of an entire insurance sub-sector in the U.S. for responding to ransomware and extortion attacks. Some companies in this space employ negotiators, like Martino, to try to bring down the cost of ransoms and mitigate the impact of attacks on their customers.

However, the U.S. government has long advised victims of hacking and extortion not to pay any ransom, as this can only serve to embolden cybercriminals and create a lucrative market for their activities. Despite this, some companies continue to pay ransoms in an attempt to prevent their customers’ private data from being leaked.

The investigation into Martino’s activities highlights the need for greater vigilance and cooperation between governments, companies, and cybersecurity experts to combat the growing threat of ransomware attacks.