U.S. federal prosecutors have leveled charges against two American cybersecurity professionals implicated in a ransomware initiative associated with the infamous ALPHV/BlackCat collective.
Recent court filings unsealed in Miami implicate Ryan Goldberg, a former incident response expert at Sygnia, and Kevin Martin, previously affiliated with Chicago’s DigitalMint.
They are accused of assisting the BlackCat organization in encrypting victims’ networks and orchestrating ransom disbursements via cryptocurrency channels.
The indictment asserts that both men exploited their professional access and acumen to aid the group in targeting enterprises across California, Florida, Virginia, and Maryland between May and November 2023.
‘Acting Outside the Scope of the Employee’s Duties’
DigitalMint, an entity specializing in negotiating and processing ransom payments for cyberattack victims, acknowledged Martin’s prior employment but clarified that the company is fully cooperating with federal authorities and is not currently a target of the investigation.
As reported by Reuters, DigitalMint issued a statement affirming that a former employee had been charged with engaging in ransomware operations, emphasizing that he was “acting completely outside the scope of his employment.” The firm claimed ignorance regarding the alleged misconduct.
Furthermore, a tertiary, unnamed co-conspirator “may have also been a company employee,” the statement indicated.
Ransoms ranging from $300,000 to $10 million
BlackCat, or ALPHV, is recognized as one of the most potent ransomware-as-a-service (RaaS) enterprises globally.
This collective has targeted hospitals, manufacturers, and educational institutions, frequently releasing stolen data when ransom demands go unanswered.
Late in 2023, federal authorities managed to seize segments of its operational infrastructure, yet the group resurfaced under new leadership.
According to the Chicago Sun-Times, ransom demands from the attackers have fluctuated between $300,000 and $10 million.
This case highlights the critical nature of incident-response strategies in the realm of ransomware, simultaneously rekindling scrutiny regarding the role of cryptocurrency payment facilitators in ransomware negotiations.
The defendants face charges of conspiracy to commit computer fraud and money laundering. If found guilty, they could face sentences of up to 20 years in prison. Both men are anticipated to appear in federal court later this month.
Source link: Bitdefender.com.
