41-year-old Angelo Martino, a former employee of cybersecurity incident response company DigitalMint, has pleaded guilty to targeting U.S. companies in BlackCat (ALPHV) ransomware attacks in 2023.
Together with two other Sygnia and DigitalMint ransomware negotiators (33-year-old Ryan Clifford Goldberg and 28-year-old Kevin Tyler Martin), Martino was charged with conspiracy to interfere with interstate commerce by extortion, interference with interstate commerce by extortion, and intentional damage to protected computers.
Martino was initially identified only as “Co-Conspirator 1” in an October 2025 indictment, but was named in court documents unsealed in March. Martin and Goldberg also pleaded guilty to conspiracy to obstruct commerce by extortion and are facing up to 20 years in prison each.
According to court documents, while working as a negotiator for five victims, Martino shared confidential information about the victims’ negotiation positions and insurance policy limits with BlackCat ransomware operators, helping the cybercriminals extort the maximum possible amount.
Between April 2023 and April 2025, he was also involved in BlackCat ransomware attacks alongside accomplices Kevin Tyler Martin and Ryan Goldberg.
While operating as BlackCat affiliates, the three defendants demanded ransom payments and threatened victims to leak data stolen before encrypting their systems. Prosecutors added that the three accomplices paid the BlackCat administrators a 20% share of all ransoms proceeds for access to the ransomware and extortion portal.
Their victims included at least five U.S. organizations, among them a financial services firm that paid $25,660,000 and a nonprofit that paid a $26,793,000 ransom, as well as law firms, school districts, medical facilities, and other financial services companies.
DigitalMint CEO Jonathan Solomon told BleepingComputer that the company condemned the previous malicious conduct and noted that Martin and Martino were fired after their actions were discovered.
“We strongly condemn these former employees’ criminal behavior, which violated our values, ethical standards, and the law. When we learned about the conduct, we immediately terminated both individuals,” Solomon said.
The BlackCat ransomware operation has been linked by the FBI to more than 60 breaches between November 2021 and March 2022. In a separate advisory, the bureau added that the cybercrime gang collected at least $300 million in ransom payments from over 1,000 victims through September 2023.
AI chained four zero-days into one exploit that bypassed both renderer and OS sandboxes. A wave of new exploits is coming.
At the Autonomous Validation Summit (May 12 & 14), see how autonomous, context-rich validation finds what’s exploitable, proves controls hold, and closes the remediation loop.
You must be logged in to post a comment Login