Technology & Innovation

Florida ransomware negotiator convicted for helping ransomware gang extort US companies

A third ransomware negotiator has been jailed for helping a notorious ransomware group extort American victim companies into paying the hackers.

  • Zack Whittaker
  • July 10, 2026
  • 0 Comments
image

Florida man Angelo Martino has been sentenced to more than five years in prison for conspiring with hackers to deploy ransomware during his job as a ransomware negotiator for a U.S. cybersecurity company.

The U.S. Department of Justice confirmed the sentence on Thursday, noting that the government seized more than $10 million worth of cryptocurrency and assets. Martino allegedly bought these assets, which include a food truck and a luxury fishing boat, with money stolen in the hacks.

Martino is the third person to be jailed for the scheme, following the earlier incarceration of cybersecurity professionals Kevin Martin and Ryan Goldberg. The trio, prosecutors say, worked together to deploy the BlackCat ransomware against companies in the United States throughout 2023. In one successful attack, the cyber professionals moonlighting as criminals extorted a company for about $1.2 million, which they then split three ways after laundering the funds.

The investigation highlights a rare case of security professionals working for malicious hackers while on the job. Governments have long advised victims of hacking and extortion not to pay any ransom and prevent cybercriminals from profiting, although some companies do so anyway in attempts to prevent their customers’ private data from being leaked.

Extortion attacks have helped create an entire insurance sub-sector in the U.S. for responding to ransomware and extortion attacks. Some companies in this space employ negotiators to try to bring down the cost of ransoms.

BlackCat (also known as ALPHV) is a ransomware-as-a-service operation that allows independent hackers, known as affiliates, to rent access to the gang’s file-encrypting malware in exchange for a cut of the profits from cyberattacks. 

The group’s ransomware was famously used to steal highly sensitive medical and billing data of more than 192 million people in America during a hack at U.S. health technology giant Change Healthcare in February 2024, though the affiliate hackers responsible for the 2024 data breach were never identified.

When you purchase through links in our articles, we may earn a small commission. This doesn’t affect our editorial independence.

This post was originally published on this site.