[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fFaRW4KE1xlZclTVQHClzMxjCiledxrJH5AZ6oynVaGA":3},{"article":4,"iocs":52},{"id":5,"title":6,"slug":7,"summary":8,"ai_summary":9,"brief":10,"full_text":11,"url":12,"image_url":13,"published_at":14,"ingested_at":15,"relevance_score":16,"entities":17,"category_id":29,"category":30,"article_tags":34},"e6949b53-dae2-4b5f-82bf-1c072610dd22","Cybersecurity Negotiator Gets 70 Months for Helping BlackCat Extort Victims","cybersecurity-negotiator-gets-70-months-for-helping-blackcat-extort-victims-6e6b95","Former ransomware negotiator Angelo Martino gets 70 months in prison for helping BlackCat extort US victims and misuse confidential client data in cyberattacks.","Angelo Martino, a former ransomware negotiator, has been sentenced to 70 months in federal prison for his role in assisting the BlackCat (ALPHV) ransomware group. He used his access to confidential client information to aid the attackers in pressuring victims for higher ransom payments. Martino, along with former cybersecurity professionals Kevin Martin and Ryan Goldberg, operated as BlackCat affiliates, deploying ransomware and laundering proceeds, including a $1.2 million Bitcoin payment from one victim.","Ransomware negotiator sentenced to 70 months for aiding BlackCat attacks and extorting US victims.","Cyber CrimeCybersecurity Negotiator Gets 70 Months for Helping BlackCat Extort Victims Former ransomware negotiator Angelo Martino gets 70 months in prison for helping BlackCat extort US victims and misuse confidential client data in cyberattacks. byWaqasJuly 10, 20263 minute read Listen to this article 0:00 — ← 10s ▶ Play 10s → Speed 0.75× 1× 1.25× 1.5× 2× Voice Loading voices… Press play to start listening A former ransomware negotiator who supplied BlackCat ransomware with confidential information from companies seeking help has been sentenced to 70 months in federal prison. Angelo Martino, 41, of Land O’Lakes, Florida, received the sentence on July 9 for conspiring with operators of the ALPHV, also known as the BlackCat ransomware group. US prosecutors said he used his position at a cyber incident response company to help ransomware operators pressure victims into paying higher demands. Ransom note from the ALPHV BlackCat Ransomware Group Court documents show that Martino began working with BlackCat members in April 2023 while employed as a ransomware negotiator. His job gave him access to private discussions about how affected companies planned to respond, including their negotiating positions and payment strategies. Prosecutors said Martino passed that information to the BlackCat group in exchange for payment. The information allowed the ransomware operators to assess how much victims might pay and adjust their demands during negotiations. According to the DOJ’s press release, the scheme impacted five ransomware victims whose cases Martino was supposed to help manage. His access placed him inside confidential negotiations while he was also assisting the criminals demanding payment from those clients. Martino later worked with former cybersecurity professionals Kevin Martin of Texas and Ryan Goldberg of Georgia to deploy BlackCat ransomware against other organisations in the United States between April and November 2023. Martin joined Martino’s workplace after the conspiracy had begun, while Goldberg worked for a separate incident response company. Prosecutors said the three men operated as BlackCat affiliates and carried out ransomware attacks using the group’s malware and extortion platform. One victim paid approximately $1.2 million in Bitcoin following a successful attack. Martino, Martin, and Goldberg divided their share of the payment into three parts and used several methods to launder the proceeds. Hackread.com previously reported that Martin and Goldberg were each sentenced to four years in federal prison in May. At the time, Martino had pleaded guilty and was awaiting sentencing. Martino pleaded guilty on April 14 to one count of conspiracy to interfere with interstate commerce through extortion. His prison term exceeds the 48-month sentences issued to Martin and Goldberg. Federal authorities have seized assets valued at more than $10 million from Martino. The property includes cryptocurrency, vehicles, a food truck, and a luxury fishing boat obtained with proceeds from the scheme. A federal court is scheduled to determine the amount Martino must pay in restitution on September 17. Understanding the cyber crime operation Ransomware Case Exposes Risks of Insider Access The case exposes how trusted access inside ransomware response operations can be used against victims. Companies negotiating during an attack may disclose payment limits, business pressures, recovery options, and other sensitive information to specialists hired to assist them. In Martino’s case, prosecutors said those confidential details were passed directly to the ransomware operators applying pressure on the same companies. US authorities disrupted the BlackCat operation in December 2023 after the FBI gained access to parts of the group’s computer network. Investigators developed a decryption tool that helped hundreds of victims restore affected systems without paying ransom demands. According to the Department of Justice, the operation prevented an estimated $99 million in ransom payments and included the seizure of websites used by BlackCat members. Waqas I am a UK-based cybersecurity journalist with a passion for covering the latest happenings in cybersecurity and tech world. I am also into gaming, reading and investigative journalism. View Posts ALPHVBlackCatCyber AttackCyber CrimeCybersecurityExtortionFraudRansomware Leave a Reply Cancel reply View Comments (0) Related Posts Read More Cyber Crime Malware Phishing Scam Scams and Fraud Security Cyber Criminals Using Rio Olympics as Bait to Target Users with Phishing Scams Researchers Observe Increase in Phish Attack Mimicking 2016 Rio Olympics Adverts! Phishing attacks are definitely on a rise… byCarolina Read More Hacking News Cyber Crime Phishing Scam Security DoorDash Data Breach -Third Party Vendor Blamed Over Phishing Attack DoorDash has revealed that hackers managed to steal third-party employee credentials and used them to access some of the company’s internal tools and customer data byDeeba Ahmed Read More Security Cyber Attacks Cyber Crime North Korean Lazarus Group Adopts Medusa Ransomware in Global Attacks Lazarus Group is now using Medusa ransomware in attacks on healthcare and social services, signaling a move toward profit-focused cybercrime. byWaqas Read More Security Cyber Crime Malware Scams and Fraud Fake LinkedIn Interview Used by Lazarus Hackers to Target AllSecure CEO Researchers at AllSecure have revealed how North Korean hackers from the Lazarus Group used a fake LinkedIn job interview and deepfake technology to target their CEO. byDeeba Ahmed","https:\u002F\u002Fhackread.com\u002Fcybersecurity-negotiator-blackcat-extort-victims\u002F","https:\u002F\u002Fhackread.com\u002Fwp-content\u002Fuploads\u002F2026\u002F07\u002Fcybersecurity-negotiator-blackcat-extort-victims.jpg","2026-07-10T13:18:03+00:00","2026-07-10T14:00:32.837767+00:00",9,[18,21,23,25,27],{"name":19,"type":20},"BlackCat","threat_actor",{"name":22,"type":20},"ALPHV",{"name":24,"type":20},"Angelo Martino",{"name":26,"type":20},"Kevin Martin",{"name":28,"type":20},"Ryan Goldberg","7d8b5ab8-ea0b-4ced-ae97-ec251b86993a",{"id":29,"icon":31,"name":32,"slug":33},null,"Ransomware","ransomware",[35,40,45,47],{"category":36},{"id":37,"icon":31,"name":38,"slug":39},"2e06f76c-d5b9-4f54-9eef-4d3447b10730","Breaches","breaches",{"category":41},{"id":42,"icon":31,"name":43,"slug":44},"6cbdd207-aaa1-4176-9534-e156b125e917","Nation-state","nation-state",{"category":46},{"id":29,"icon":31,"name":32,"slug":33},{"category":48},{"id":49,"icon":31,"name":50,"slug":51},"e7b231c8-5f79-4465-8d38-1ef13aea5a14","Threat Intelligence","threat-intelligence",[53,56],{"type":54,"value":22,"context":55},"malware","Alias for the BlackCat ransomware group",{"type":54,"value":19,"context":57},"Ransomware used in the attacks"]