In a significant development, a third cybersecurity professional has confessed to assisting ransomware operations, deviating from their role of aiding victims. This revelation highlights a disconcerting breach within the cybersecurity industry.
Details of the Ransomware Case
Back in October 2025, the US government leveled charges against three individuals accused of orchestrating ransomware attacks on multiple companies. These individuals, instead of supporting the victims, allegedly collaborated with the hackers, receiving a portion of the ransom as compensation.
Kevin Martin from Texas and Ryan Goldberg from Georgia, two of the implicated individuals, admitted guilt in late 2025. They are currently awaiting sentencing, which is expected to occur by the end of April.
Revelation of the Third Suspect
The identity of the third suspect, Angelo Martino, was disclosed in March 2026. The 41-year-old Floridian was employed as a ransomware negotiator alongside Martin at an incident response firm, while Goldberg was associated with a different cybersecurity entity.
Martino has now confessed to his involvement, facing a potential prison sentence of up to 20 years, paralleling the charges against Goldberg and Martin.
Impact on the Cybersecurity Industry
According to the Department of Justice, Martino exploited his position by offering the BlackCat/Alphv cybercrime group crucial insights that facilitated ransom negotiations. This breach of trust resulted in inflated ransom demands from the victims, with Martino receiving payments for his compromised information.
Authorities have successfully confiscated assets worth $10 million from Martino. Between November 2021 and December 2023, over 1,000 organizations fell victim to the BlackCat group’s ransomware attacks, a spree only halted by law enforcement intervention. Despite the disruption, the group managed to execute an exit scam after collecting a $22 million ransom.
Ongoing Efforts to Combat Cybercrime
The US continues its efforts to dismantle the BlackCat group, offering a $10 million reward for information leading to the identification of its key members. However, no formal charges have been announced against the group’s leaders as of now.
This case underscores the ongoing challenges in the cybersecurity landscape and the necessity for stringent measures to prevent insider involvement in cybercrime.
