In a significant development, 41-year-old Angelo Martino, a former employee of cybersecurity incident response company DigitalMint, has admitted to his involvement in targeting U.S. companies in BlackCat (ALPHV) ransomware attacks in 2023.
Together with his counterparts, Ryan Clifford Goldberg and Kevin Tyler Martin, who were also ransomware negotiators at Sygnia and DigitalMint, Martino has been charged with various offenses including conspiracy to interfere with interstate commerce by extortion, interference with interstate commerce by extortion, and intentional damage to protected computers.
Martino, initially referred to as “Co-Conspirator 1” in an October 2025 indictment, was officially named in court documents unsealed in March. Martin and Goldberg have also pleaded guilty to conspiracy charges and are now facing potential prison sentences of up to 20 years each.
Court documents reveal that Martino, while working as a negotiator for five victims, shared confidential information about their negotiation positions and insurance policy limits with BlackCat ransomware operators, aiding the cybercriminals in extorting maximum amounts.
Over the period from April 2023 to April 2025, Martino collaborated with Martin and Goldberg in carrying out BlackCat ransomware attacks.
Operating as BlackCat affiliates, the trio demanded ransom payments from victims and threatened to leak stolen data before encrypting their systems. Prosecutors also stated that the three accomplices paid a 20% share of all ransom proceeds to the BlackCat administrators for access to the ransomware and extortion portal.
The victims of these attacks included several U.S. organizations, such as a financial services firm that paid $25,660,000 and a nonprofit that paid a $26,793,000 ransom, along with law firms, school districts, medical facilities, and other financial services companies.
Jonathan Solomon, CEO of DigitalMint, condemned the criminal actions of his former employees and emphasized that Martin and Martino were promptly terminated upon discovery of their misconduct.
“We strongly denounce the criminal behavior of these former employees, which violated our values, ethical standards, and the law. As soon as we became aware of their actions, we took immediate action to dismiss both individuals,” Solomon stated.
The FBI has linked the BlackCat ransomware operation to over 60 breaches between November 2021 and March 2022. Additionally, the bureau reported that the cybercrime gang amassed at least $300 million in ransom payments from more than 1,000 victims by September 2023.
An artificial intelligence exploit that combined four zero-day vulnerabilities to bypass both renderer and OS sandboxes has emerged. Stay informed about the upcoming wave of new exploits.
Join us at the Autonomous Validation Summit (May 12 & 14) to witness how autonomous, context-rich validation identifies exploit possibilities, confirms control effectiveness, and finalizes the remediation process.
Claim Your Spot
EU Takes Action Against Instagram and Facebook for Violating Illegal Content Rules
Warning: Facebook Creators Face Monetization Loss for Stealing and Reposting Videos
Facebook’s New Look: A Blend of Instagram’s Style
Facebook Compliance: ICE-tracking Page Removed After US Government Intervention
Facebook and Instagram to Reduce Personalized Ads for European Users
InstaDub: Meta’s AI Translation Tool for Instagram Videos
Reclaim Your Account: Facebook and Instagram Launch New Hub for Account Recovery
Meta discontinues Messenger apps for Windows and macOS
Subscribe to our weekly newsletter below and never miss the latest News or an exclusive offer.
