Ddos 
Two American cybersecurity professionals were sentenced today to four years each in federal prison. Leveraging the very skills meant to protect systems to instead dismantle them as affiliates for the notorious ALPHV BlackCat ransomware group.
Ryan Goldberg, 40, of Georgia, and Kevin Martin, 36, of Texas, received their sentences following a 2023 extortion spree that targeted medical and engineering firms across the United States.
Goldberg and Martin, along with co-conspirator Angelo Martino, operated under a Ransomware-as-a-Service (RaaS) model. In this illicit ecosystem, they functioned as “affiliates,” responsible for identifying and breaching high-value targets. In exchange for using the BlackCat platform, they agreed to pay the developers a 20% cut of all successful ransoms.
As individuals working within the cybersecurity industry, they possessed specialized knowledge of how to secure the exact systems they were weaponizing.
Assistant Attorney General A. Tysen Duva of the Justice Department’s Criminal Division highlighted this betrayal, “These were supposed to be cybersecurity specialists who did good and helped businesses and people. Instead, they used their high-level cyber skills to feed their greed.”
The group’s ruthlessness was evident in their attack on a medical facility. When the victim resisted, the defendants reportedly caused the leak of sensitive patient data from a doctor’s office to increase the pressure to pay.
The scheme eventually yielded a massive $1.2 million ransom in Bitcoin from a single victim. The trio split their 80% share—roughly $960,000—and attempted to launder the funds through various channels.
The sentencing also revealed the dramatic lengths to which Goldberg went to evade justice. When he attempted to flee the country, the FBI tracked him through 10 different nations before securing his apprehension.
This sentencing is part of a broader, ongoing effort to dismantle the ALPHV BlackCat network. In late 2023, the FBI successfully developed a decryption tool that allowed hundreds of victims to restore their systems without paying, saving an estimated $99 million in potential losses.
While Goldberg and Martin begin their four-year terms, co-conspirator Angelo Martino awaits his own sentencing on July 9. Martino admitted to a particularly insidious secondary role: acting as a “negotiator” for ransomware victims while secretly sharing their confidential information with the attackers to drive up the final price of the ransom.
Support Our Threat Intelligence
If you find our CVE report and cybersecurity news helpful, consider supporting our work.
Buy Me a Coffee
PayPal
