Close Menu
geekfence.comgeekfence.com
    What's Hot

    Release Date, Price & Specs Rumours – Tech Advisor

    July 14, 2026

    Alberta regulated online gambling market launches

    July 14, 2026

    Prioritise AI outcomes over agent numbers, says Orange

    July 14, 2026
    Facebook X (Twitter) Instagram
    • About Us
    • Contact Us
    Facebook Instagram
    geekfence.comgeekfence.com
    • Home
    • UK Tech News
    • AI
    • Big Data
    • Cyber Security
      • Cloud Computing
      • iOS Development
    • IoT
    • Mobile
    • Software
      • Software Development
      • Software Engineering
    • Technology
      • Green Technology
      • Nanotechnology
    • Telecom
    geekfence.comgeekfence.com
    Home»Cyber Security»The ransomware negotiator who was working for the other side
    Cyber Security

    The ransomware negotiator who was working for the other side

    AdminBy AdminJuly 14, 2026No Comments4 Mins Read3 Views
    Facebook Twitter Pinterest LinkedIn Telegram Tumblr Email
    The ransomware negotiator who was working for the other side
    Share
    Facebook Twitter LinkedIn Pinterest Email


    When a company falls victim to a ransomware attack, it is not uncommon for it to turn to experts for help.

    Specialist ransomware negotiation firms handle communications with criminal gangs on a victim’s behalf. They know how the ransomware gangs operate, how to buy time, and how to push back on extortionate demands. They can help manage the technical side of any payment if needed, and help a corporate victim assess whether decryptors actually work.

    What victims don’t expect is that their trusted negotiator might be separately sharing details of the victim’s cyber-insurance policy and negotiation strategy directly with the attackers themselves.

    That’s precisely what Florida man Angelo John Martino III did, and last week a federal judge sentenced him to 70 months in prison for it.

    41-year-old Martino worked as a ransomware negotiator for DigitalMint, an incident response company based in Chicago. His job was to negotiate on behalf of organisations who had been held to ransom by ransomware attacks.

    However, starting in April 2023, Martino started to live a double life. Unknown to his employer or clients, Martino was feeding information to the BlackCat (also known as ALPHV) ransomware group through a hidden tab within the same BlackCat negotiation panel he used for his legitimate work.

    In exchange for a cut of the ransom payment, Martino fed the criminals everything they wanted: victims’ insurance policy limits, their internal negotiating positions, and their financial circumstances.

    On one occasion, Martino secretly tipped off a BlackCat affiliate that the victim’s insurance company had only approved a limited payout.

    In the official negotiation chat – visible to both DigitalMint and the victim – he acted the role of concerned intermediary with aplomb. However, behind the scenes, the gang already knew exactly what they could extract.

    The BlackCat operator’s response in the official negotiation chat was clear: “We know how much you can pay. Contact your insurance. We know about them also.”

    The ransomware victim, a hospitality company, ultimately paid out nearly US $16.5 million.

    In total, five of Martino’s clients collectively made more than US $75.3 million in ransom payments between April and September 2023. This included a non-profit organisation that paid nearly US $26.8 million, and a financial services company that paid nearly US $25.7 million – each payment likely inflated due to the information Martino shared with the extortionists.

    But that wasn’t the limit of Martino’s wrongdoing, because he and two colleagues (Kevin Martin, another DigitalMint negotiator, and Ryan Goldberg, an incident response manager at cybersecurity firm Sygnia) deployed BlackCat ransomware against more victims themselves.

    The trio kept 80% of ransoms and paid 20% to the BlackCat gang, as affiliates – successfully extorting US $1.2 million from a medical device company.

    In April 2026, Goldberg and Martin were both sentenced to four years in prison.

    Martino spent the cryptocurrency proceeds of his criminal activity on two Florida properties, a boat, and several vehicles. Authorities say that they have seized US $10 million of his assets, and a hearing in September will determine what other restitution he will have to make.

    “Angelo Martino sold out the very victims he was hired to represent, handing their confidential negotiating positions to BlackCat actors to drive up ransoms and enrich himself,” said Assistant Director Brett Leatherman of the FBI Cyber Division. “[The] sentence demonstrates that the FBI will pursue not just the criminals who deploy ransomware, but the insiders who enable them. Working with our partners, the FBI will find those who betray that trust and hold them accountable.”

    US authorities have described DigitalMint as an “unknowing victim,” and said that Martino deliberately concealed what he was doing from his employer. The company has since changed the way its negotiators communicate with ransomware gangs, and is working with the Department of Homeland Security to establish a registry for the currently highly-unregulated world of ransomware negotiation.



    Source link

    Share. Facebook Twitter Pinterest LinkedIn Tumblr Email

    Related Posts

    Compromised jscrambler 8.14.0 npm Release Drops Rust Infostealer During Install

    July 12, 2026

    Felons, Fraudsters Flog Offensive Cybersecurity Startup – Krebs on Security

    July 11, 2026

    ESET Threat Report H1 2026

    July 10, 2026

    5 Settings That Make Readings Easier to See

    July 9, 2026

    SharpHound Recon Attack – How AI enhanced the threat hunt

    July 8, 2026

    Two arrested over credit card phishing

    July 7, 2026
    Top Posts

    Understanding U-Net Architecture in Deep Learning

    November 25, 202560 Views

    Hard-braking events as indicators of road segment crash risk

    January 14, 202631 Views

    Redefining AI efficiency with extreme compression

    March 25, 202629 Views
    Don't Miss

    Release Date, Price & Specs Rumours – Tech Advisor

    July 14, 2026

    Pixel 11: Design & Build Given just how reluctant Google has been to massively overhaul…

    Alberta regulated online gambling market launches

    July 14, 2026

    Prioritise AI outcomes over agent numbers, says Orange

    July 14, 2026

    Microsoft Entra ID security updates: Passkeys are the default authentication method in Entra ID

    July 14, 2026
    Stay In Touch
    • Facebook
    • Instagram
    About Us

    At GeekFence, we are a team of tech-enthusiasts, industry watchers and content creators who believe that technology isn’t just about gadgets—it’s about how innovation transforms our lives, work and society. We’ve come together to build a place where readers, thinkers and industry insiders can converge to explore what’s next in tech.

    Our Picks

    Release Date, Price & Specs Rumours – Tech Advisor

    July 14, 2026

    Alberta regulated online gambling market launches

    July 14, 2026

    Subscribe to Updates

    Please enable JavaScript in your browser to complete this form.
    Loading
    • About Us
    • Contact Us
    • Disclaimer
    • Privacy Policy
    • Terms and Conditions
    © 2026 Geekfence.All Rigt Reserved.

    Type above and press Enter to search. Press Esc to cancel.