Ex-Cybersecurity Responder Pleads Guilty to Aiding BlackCat Ransomware Attacks
A former employee of cybersecurity incident response firm **DigitalMint**, Angelo Martino, has pleaded guilty to participating in **BlackCat** (**ALPHV**) ransomware attacks against U.S. companies. Martino, along with two other ransomware negotiators, allegedly shared confidential victim information with the ransomware operators to maximize ransom payouts.
### Insider Threat: Cybersecurity Expert Turns Cybercriminal
Angelo Martino, 41, a former incident responder at **DigitalMint**, admitted to targeting U.S. organizations in **BlackCat** (**ALPHV**) ransomware attacks throughout 2023. He was initially identified as "Co-Conspirator 1" in court documents but later named in March.
Martino was charged alongside Ryan Clifford Goldberg, 33, and Kevin Tyler Martin, 28, also associated with **Sygnia** and **DigitalMint**, on counts of conspiracy to interfere with interstate commerce by extortion, interference with interstate commerce by extortion, and intentional damage to protected computers.
Both Martin and Goldberg have also pleaded guilty to conspiracy to obstruct commerce by extortion and face potential sentences of up to 20 years each.
### Sharing Confidential Information
According to court documents, Martino, while acting as a negotiator for five victims, leaked sensitive information about their negotiation positions and insurance policy limits to **BlackCat** ransomware operators. This enabled the cybercriminals to extort the highest possible ransom amounts.
Between April 2023 and April 2025, Martino collaborated with Kevin Tyler Martin and Ryan Goldberg in **BlackCat** ransomware operations. The trio functioned as **BlackCat** affiliates, demanding ransom payments and threatening to leak stolen data if victims refused to pay. They reportedly paid 20% of all ransom proceeds to the **BlackCat** administrators for access to the ransomware and extortion portal.
### Victims and Financial Impact
The victims included at least five U.S. organizations, including a financial services firm that paid $25,660,000 and a nonprofit that paid a $26,793,000 ransom. Other victims included law firms, school districts, medical facilities, and other financial services companies.
**DigitalMint** CEO Jonathan Solomon stated that the company condemned the actions of the former employees and confirmed that both Martin and Martino were terminated upon discovery of their involvement.
### BlackCat's Widespread Impact
The **BlackCat** ransomware operation has been linked by the **FBI** to over 60 breaches between November 2021 and March 2022. The bureau estimates that the group has collected at least $300 million in ransom payments from over 1,000 victims as of September 2023.
<!--
<a rel="noopener nofollow" href="https://hubs.li/Q04crVgD0"><img alt="article image" src="https://www.bleepstatic.com/c/p/autonomous-validation2.jpg"></a>
<div>
<h2><a rel="noopener nofollow" href="https://hubs.li/Q04crVgD0">99% of What Mythos Found Is Still Unpatched.</a></h2>
<p>AI chained four zero-days into one exploit that bypassed both renderer and OS sandboxes. A wave of new exploits is coming.</p>
<p>At the Autonomous Validation Summit (May 12 & 14), see how autonomous, context-rich validation finds what's exploitable, proves controls hold, and closes the remediation loop.</p>
<p><a rel="noopener nofollow" href="https://hubs.li/Q04crVgD0">Claim Your Spot</a></p>
</div>
-->