Cybersecurity Employees Plead Guilty To Ransomware Attacks 17
Two cybersecurity professionals who spent their careers defending organizations against ransomware attacks have pleaded guilty in a Florida federal court to using ALPHV/BlackCat ransomware to extort American businesses throughout 2023.
Ryan Goldberg, a 40-year-old incident response manager from Georgia, and Kevin Martin, a 36-year-old ransomware negotiator from Texas, admitted to conspiring to obstruct commerce through extortion. Between April and December 2023, Goldberg, Martin, and a third unnamed co-conspirator deployed the ransomware against multiple U.S. victims and agreed to pay ALPHV BlackCat's operators a 20% cut of any ransoms received. They successfully extracted approximately $1.2 million in Bitcoin from one victim, splitting their 80% share three ways before laundering the proceeds. Both men face up to 20 years in prison and are scheduled for sentencing on March 12, 2026.
The Justice Department noted that all three conspirators possessed specialized skills in securing computer systems against the very attacks they carried out. ALPHV BlackCat has targeted more than 1,000 victims globally and was the subject of an FBI disruption operation in December 2023 that saved victims an estimated $99 million through a custom decryption tool.
Ryan Goldberg, a 40-year-old incident response manager from Georgia, and Kevin Martin, a 36-year-old ransomware negotiator from Texas, admitted to conspiring to obstruct commerce through extortion. Between April and December 2023, Goldberg, Martin, and a third unnamed co-conspirator deployed the ransomware against multiple U.S. victims and agreed to pay ALPHV BlackCat's operators a 20% cut of any ransoms received. They successfully extracted approximately $1.2 million in Bitcoin from one victim, splitting their 80% share three ways before laundering the proceeds. Both men face up to 20 years in prison and are scheduled for sentencing on March 12, 2026.
The Justice Department noted that all three conspirators possessed specialized skills in securing computer systems against the very attacks they carried out. ALPHV BlackCat has targeted more than 1,000 victims globally and was the subject of an FBI disruption operation in December 2023 that saved victims an estimated $99 million through a custom decryption tool.
Maybe it's just me, but ... (Score:5, Insightful)
Very little shocks/surprises me if the sentence contains the word, "Florida". :-)
Re:Maybe it's just me, but ... (Score:4, Insightful)
Note also the "ransomware negotiator" is from Texas. Texas has lately been making itself known as the destination for scams of all kinds.
I think Mr. Martin's main fuckup here was not cutting off some of that BTC for Ken Paxton. Now that there are criminal charges and media scrutiny it's probably too late.
Re: (Score:2)
Note also the "ransomware negotiator" is from Texas. Texas has lately been making itself known as the destination for scams of all kinds.
I saw that and am still pondering which is the "step up": moving from Texas to Florida or Florida to Texas. :-)
More and more, I'm leaning toward either being a lateral move.
'ransomware negotiator' should not be a job. (Score:5, Insightful)
Re: (Score:2)
Imagine an accountant's office that lost every single file from hundreds of clients, and the ransom is 30% of their yearly revenue... If they don't pay, they are out of the market. It's not easy to rebuild from scratch, and sometimes isn't even possible, it's pay or close doors.
Some say "you should have backups!" and they are right, but not every company does backup right, and a lot don't even have backups at all. So
Re: (Score:2)
I am surprised someone didn't bring up a scenario where children's health history records are ransomed that are needed to maintain life. Quite the ethical dilemma.
Re: (Score:2)
When you abuse a position of authority/privilege you should be treated harshly. Throw the book at them.
And which book should we have thrown at CEOs, long ago?
I mean if you're going to start counting actual harm from corrupt behavior painted 50 shades of fucking grey..
Your legacy. (Score:2)
I think we should throw your mom at CEOs. That will keep them busy with venereal disease for a while.
I heard Slashdot new registrations shut down a while ago, but comments like this make me wonder what the policy is for fucking 12-year olds.
Not exactly The Slashdot Effect anyone wants to tell their kids about.
$400K (Score:2)
Hope the memories of that money serve them well when they're free and closing robot car doors for a living to make their restitution payments.
Can't help but think of The Far Side here (Score:2)
Guess someone took a page out of the "Al's Glass" playbook. [srcdn.com]
Back reference (Score:1)
"ransomware negotiator" (Score:2)
Cybersecurity professionals :o (Score:2)
Ryan Clifford Goldberg: Digital forensics and incident response professional at Sygnia Cybersecurity Services.
“Goldberg, meanwhile, had seemingly registered a profile with Sans Institute [acs.org.au]. At the time of writing, Goldberg’s profile on the platform appears to have been t