Former Ransomware Negotiator Pleads Guilty to Conspiring With Hackers to Extort His Own Clients Out of $75 Million

Already a subscriber? Make sure to log into your account before viewing this content. You can access your account by hitting the “login” button on the top right corner. Still unable to see the content after signing in? Make sure your card on file is up-to-date.

A Florida man who worked as a ransomware negotiator has pleaded guilty to conspiring to carry out ransomware attacks against the very companies he was hired to protect.

Getting into it: Angelo Martino, 41, of Land O’Lakes, Florida, worked as a negotiator at DigitalMint, a Chicago-based crypto broker that helps ransomware victims negotiate and pay ransom demands. Starting in April 2023, Martino began feeding confidential client information (including insurance policy limits and internal negotiation strategies) to the BlackCat/ALPHV ransomware group, allowing the attackers to squeeze maximum payments out of victims who had hired him to protect them. He then went further, conspiring with two colleagues (Kevin Martin, another DigitalMint negotiator, and Ryan Goldberg, an incident response manager at Sygnia Cybersecurity Services) to directly deploy BlackCat ransomware against multiple US victims.

2023.12.20 Us Justice Department Cracks Down On Alphv Blackcat Ransomware Group Targeting Critical Infrastructure

The trio extorted more than $75 million across at least ten attacks, with the two biggest hauls being roughly $26.8 million from the nonprofit and $25.7 million from the financial services firm. After successfully extorting one victim for $1.2 million in Bitcoin, the three split the proceeds and laundered the funds through various channels.

Martino ultimately pleaded guilty to one count of conspiracy to commit extortion and faces up to 20 years in prison. Martin and Goldberg pleaded guilty to the same charge in December 2025 and are scheduled for sentencing next week.

Law enforcement has seized over $10 million in assets from Martino, including cryptocurrency from 21 wallets, a luxury fishing boat, multiple vehicles, and two Florida properties (including a bayfront home he purchased for $1.79 million in February 2024).

In a statement, Assistant Attorney General A. Tysen Duva said, “Angelo Martino’s clients trusted him to respond to ransomware threats and help thwart and remedy them on behalf of victims. Instead, he betrayed them and began launching ransomware attacks himself by assisting cyber criminals and harming victims, his own employer, and the cyber incident response industry itself.”

This all comes as ransomware attacks hit more than 7,900 victims in 2025, up from around 6,100 the year before.