Florida ransomware negotiator convicted for aiding BlackCat hackers
Angelo Martino sentenced to over 5 years in prison for conspiring with hackers to deploy ransomware while working as a negotiator for a US cybersecurity company.

A Florida man, Angelo Martino, has been sentenced to more than five years in prison for conspiring with hackers to deploy ransomware during his job as a ransomware negotiator for a U.S. cybersecurity company. The U.S.
Department of Justice confirmed the sentence on Thursday, that the government seized more than $10 million worth of cryptocurrency and assets. Martino allegedly bought these assets, which include a food truck and a luxury fishing boat, with money stolen in the hacks. Martino is the third person to be jailed for the scheme, following the earlier incarceration of cybersecurity professionals Kevin Martin and Ryan Goldberg.
The trio, prosecutors say, worked together to deploy the BlackCat ransomware against companies in the United States throughout 2023. In one successful attack, the cyber professionals moonlighting as criminals extorted a company for about $1.2 million, which they then split three ways after laundering the funds. The investigation highlights a rare case of security professionals working for malicious hackers while on the job.
Governments have long advised victims of hacking and extortion not to pay any ransom and prevent cybercriminals from profiting, although some companies do so anyway in attempts to prevent their customers’ private data from being leaked. Extortion attacks have helped create an entire insurance sub-sector in the U.S. for responding to ransomware and extortion attacks.
Some companies in this space employ negotiators to try to bring down the cost of ransoms. BlackCat (also known as ALPHV) is a ransomware-as-a-service operation that allows independent hackers, known as affiliates, to rent access to the gang’s file-encrypting malware in exchange for a cut of the profits from cyberattacks. The group’s ransomware was famously used to steal highly sensitive medical and billing data of more than 192 million people in America during a hack at U.S.
health technology giant Change Healthcare in February 2024, though the affiliate hackers responsible for the 2024 data breach were never identified. Why this matters: The conviction of Angelo Martino and his accomplices marks a significant enforcement action against individuals who use their expertise in cybersecurity to aid malicious hackers. This case highlights the risks and consequences of security professionals engaging in illicit activities, even if under the guise of their job.
The use of ransomware-as-a-service operations like BlackCat continues to pose a major threat to companies and individuals, with the potential for devastating financial and reputational damage. As the cybersecurity insurance market continues to grow, it raises questions about the vetting process for negotiators and the ethics of employing individuals to interact with hackers on behalf of victim companies. The broader industry impact of this case will likely lead to increased scrutiny of cybersecurity professionals and the services they provide, emphasizing the need for clear boundaries and accountability in the field.
Source: TechCrunch