惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

Security Archives - TechRepublic
Security Archives - TechRepublic
C
CXSECURITY Database RSS Feed - CXSecurity.com
A
Arctic Wolf
Know Your Adversary
Know Your Adversary
T
Tor Project blog
C
Cisco Blogs
G
GRAHAM CLULEY
S
Schneier on Security
AWS News Blog
AWS News Blog
Scott Helme
Scott Helme
C
Cybersecurity and Infrastructure Security Agency CISA
雷峰网
雷峰网
MongoDB | Blog
MongoDB | Blog
爱范儿
爱范儿
S
SegmentFault 最新的问题
S
Security Affairs
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
J
Java Code Geeks
美团技术团队
Hacker News - Newest:
Hacker News - Newest: "LLM"
U
Unit 42
Latest news
Latest news
T
Tailwind CSS Blog
GbyAI
GbyAI
月光博客
月光博客
PCI Perspectives
PCI Perspectives
Attack and Defense Labs
Attack and Defense Labs
Forbes - Security
Forbes - Security
S
Securelist
AI
AI
Recent Announcements
Recent Announcements
C
Check Point Blog
I
Intezer
宝玉的分享
宝玉的分享
Google DeepMind News
Google DeepMind News
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
NISL@THU
NISL@THU
Hacker News: Ask HN
Hacker News: Ask HN
O
OpenAI News
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
Project Zero
Project Zero
V2EX - 技术
V2EX - 技术
Y
Y Combinator Blog
博客园 - 【当耐特】
aimingoo的专栏
aimingoo的专栏
F
Full Disclosure
H
Hackread – Cybersecurity News, Data Breaches, AI and More
The Register - Security
The Register - Security
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
Google DeepMind News
Google DeepMind News

Consumer Insights

The ransomware negotiator who was working for the other side After years on the run, alleged Ryuk ransomware operator pleads guilty INTERPOL crackdown shows scammers shifting to social media Meta lets strangers remix your public Instagram photos with AI—here’s how to opt out Invited to a "job interview" with Netflix or OpenAI? Beware! Your Google password could be at risk Two arrested over credit card phishing - as the Netherlands is named Europe's worst for payment fraud India pauses WhatsApp username feature over security concerns Alleged teen ransomware hustler faces US charges after arrest in Finland WhatsApp usernames explained: how to reserve yours and stay safe Scammers race to cash in on Venezuelan earthquake disaster USB drives carrying China-linked malware infected Japanese military networks for nearly a year WhatsApp tests new safety prompt before you chat with strangers Social media is worth celebrating. It's also worth protecting. Polish police dismantle SIM-swap gang accused of crypto theft Operation Endgame deals fresh blow to StealC and Amadey malware networks Hacker hijacks Brazil's national alert system, sending "misanthropy" to millions of phones Cybercrime now rivals traditional crime across parts of Asia Apple's Hide My Email tweak leaves privacy fans fuming Americans lost $3.5 billion to imposter scams last year — and the scams are getting harder to spot Scammers have killed the physical Steam Gift cards Crypto investment scam sends couriers to collect victims' cash, FBI warns Maine forced to take down data breach portal after fake notices filed with authorities Privacy own-goal: World Cup blunder leaks Lionel Messi's passport details Why schools remain one of cybercriminals' favourite targets WhatsApp detects new spyware activity from Israel’s NSO Group despite court order Got a LinkedIn message from a recruiter? It might be Chinese intelligence, warn FBI and MI5 Europol cracks down on illegal streaming globally Hackers didn't hack Instagram; they just asked Meta AI FBI Warns Fans About FIFA Scams Ahead of 2026 World Cup Virtual knife, real lawsuit: Counter-Strike skin dispute ends in court As Deepfakes Spread, YouTube Makes AI Labels Harder to Miss Carnival breach exposes data of nearly 6 million people Police arrest man following hack of Ajax football club MyPillow listed on ransomware gang's leak site, but denies it has been breached FBI warns criminals impersonating IT support to breach law firms FBI warns of Kali365 phishing kit that breaks into Microsoft 365 accounts — no password required Telecom Executives Plead Guilty to Tech Support Fraud 7-Eleven data breach exposes data of 185,000 people ASIC Warns Australians About Crypto Trading Scams Google Search AI Mode brings a major overhaul Deleted Google API keys may remain active for 23 minutes Ukrainian police identify perp in $721k infostealer scheme Steam removes horror game after malware steals player data FBI: Crypto ATM Scams Keep Growing as Americans Lose Millions FBI warns students and staff that ShinyHunters may come knocking after Canvas breach Scam Centers Under Pressure as INTERPOL Makes More Arrests FBI Warns Older Adults Lost Billions to Scammers Burst Statistics WordPress flaw under attack Android 17 Will Let Users Verify Whether Their OS Is Legit Suspected Dream Market kingpin arrested after gold bars sent to his home address BitLocker zero-day exposes Windows drives as PoC goes public Apple Fixes ‘Persistent Notifications’ Flaw on Older iPhones Football Ticket Scams Are Rising Fast, Lloyds Bank Warns When ransomware gets physical: cybercriminals turn to threats of violence iPhone-to-Android Texts Are Now Encrypted (RCS Messaging) UK Water Supplier Fined Nearly £1 Million After Hackers Roamed Networks for Almost 2 Years Instagram Drops Encrypted DMs — What This Means for You New fear: Man films woman with smart glasses, seeks money to take video down ClickFix Campaign Uses Compromised WordPress Sites to Spread Vidar Stealer in Australia Inside Department 4: Russia's secret school for hackers Ubuntu’s new AI dreams attracted a very old-fashioned crypto scam on X Chrome 4GB AI model: What weights.bin does Sri Lanka makes 37 arrests as it raids another scam centre DAEMON Tools Lite breach prompts urgent update after malware-laced installer Brits Lost £102 Million to Romance Scams Last Year The Online Safety Act Is Changing the Internet for Kids World Password Day 2026 How Hackers Stole and Sold Roblox Accounts for $250,000 Before Getting Caught Teenager alleged to be Scattered Spider hacker arrested in Finland, faces US extradition 276 Arrested in Crypto Scam Crackdown Popular WordPress redirect plugin found with years-old backdoor Iran-linked Handala hackers leak US Marines data, send chilling WhatsApp threats Alleged Silk Typhoon hacker extradited to the United States to face charges FTC: Social Media Scams Cost Americans $2.1 Billion in 2025 French police arrest 21-year-old "HexDex" hacker over 100 alleged data breaches iOS Flaw Exposed ‘Deleted’ Signal Messages Sony Starts Enforcing PlayStation Age Verification; UK and Ireland Are First Ransomware ‘Negotiator’ Faces 20 Years in Prison for Allegedly Betraying His Employers You’ve Got Mail and It’s Tracking Your Warship Crypto Investment Scam Costs Woman in Hong Kong Nearly $1 Million Operation PowerOFF warns 75,000 DDoS users Singer loses life savings to fake wallet downloaded from the Apple App Store AgingFly malware targets Ukraine government, hospitals 108 malicious Chrome extensions caught stealing Google and Telegram data from 20,000 users Rockstar Games confirms breach after ShinyHunters leaks stolen analytics data FBI: Cybercrime Losses Hit $21 Billion in 2025, Fueled by AI Life imprisonment for Cambodian scam compound operators - but will it make a difference? Fake Claude Code leak on GitHub spreads Vidar malware Apple Expands ‘DarkSword’ Patch to More iPhones and iPads Nigerian romance scammer jailed after being caught out by fellow fraudster Fake WhatsApp Clone Used in Spyware Campaign, Meta Warns Fake CERT-UA emails spread AGEWHEEZE in ukraine Alleged RedLine malware developer extradited to United States The Scam That Tricks You Into Infecting Your Own Mac Iranian hackers breach FBI director's personal email, and post his CV and photos online Don't Ignore This Security Alert Apple Sent to iPhone Lock Screens Meta and YouTube Designed Addictive Platforms, Jury Finds TikTok Business phishing campaign targets advertisers Lapsus$ claims AstraZeneca breach exposes code and credentials How one man used 10,000 bots to steal $8,000,000 from music artists
Four Years in Prison for Cybersecurity Pros Turned Ransomware Attackers
Filip TRUȚĂ · 2026-05-04 · via Consumer Insights

Two former cybersecurity professionals who used their insider knowledge to carry out ransomware attacks will serve four years in prison.

Key takeaways

  • Two U.S. cybersecurity professionals were sentenced to four years in prison for BlackCat ransomware attacks
  • The attackers were trusted industry insiders, including an incident responder and a ransom negotiator
  • They operated as affiliates in a ransomware-as-a-service (RaaS) scheme, sharing profits with the ALPHV/BlackCat gang
  • At least one victim paid $1.2 million in Bitcoin, which was later laundered
  • A third co-conspirator is still awaiting sentencing

From defenders to attackers

The U.S. Department of Justice announced that Ryan Goldberg, 40, and Kevin Martin, 36, were sentenced to four years in prison each for their role in ransomware attacks carried out in 2023.

The two weren’t typical cybercriminals. Both worked in cybersecurity roles at the time—positions designed to helping organizations respond to exactly this type of threat.

Goldberg served as an incident response manager, while Martin worked as a ransomware negotiator—placing them in direct contact with victims during high-stakes breaches.

Instead of protecting organizations, they leveraged that expertise to attack them.

According to court documents, the pair partnered with the ALPHV/BlackCat ransomware group, one of the most notorious ransomware-as-a-service (RaaS) operations.

Their arrangement followed a familiar RaaS model:

  • They gained access to the ransomware platform and infrastructure
  • In return, they paid 20% of ransom proceeds to the operators
  • They handled the actual intrusions, encryption, and extortion

Between April and December 2023, the group targeted multiple U.S. organizations across sectors. In at least one case, they extorted $1.2 million in Bitcoin, which they later split and laundered.

The broader ALPHV/BlackCat operation targeted over 1,000 victims worldwide, making it one of the most harmful ransomware groups of recent years, the US Department of Justice said in a press release:

According to court documents, ALPHV BlackCat targeted the computer networks of more than 1,000 victims around the world. The group used a ransomware-as-a-service model in which developers were responsible for creating and updating ransomware and for maintaining the illicit internet infrastructure. Affiliates were responsible for identifying and attacking high-value victim institutions with the ransomware. After a victim paid, developers and affiliates shared the ransom.

Abuse of trust at the worst possible moment

What makes this case particularly troubling is the attackers’ access to sensitive information. One co-conspirator, Angelo Martino, 41, of Florida, who is still awaiting sentencing, allegedly used his role as a ransomware negotiator to share confidential victim data with attackers, increasing pressure on victims to pay.

As reported last month, between April and November 2023, Martino acted as a negotiator for multiple ransomware victims. During that time, he allegedly leaked highly sensitive information to the attackers, including insurance coverage limits and internal negotiation strategies.

In a statement, Assistant Attorney General A. Tysen Duva of the Justice Department’s Criminal Division emphasized the betrayal:

These were supposed to be cybersecurity specialists who did good and helped businesses and people. Instead, they used their high-level cyber skills to feed their greed. This isn’t just cybercrime—it’s a breakdown of trust within the cybersecurity ecosystem itself.

This intelligence allegedly allowed the operation to fine-tune its demands and extract higher ransoms. In some cases, Martino allegedly participated in the actual deployment of malware onto victim’s computer networks.

Guilty pleas

In December 2025, Goldberg and Martin each pleaded guilty to one count of conspiracy to obstruct, delay or affect commerce or the movement of any article or commodity in commerce by extortion.

Last month, co-conspirator Angelo Martino also pleaded guilty to his role in the conspiracy.

“In addition to conspiring with Goldberg and Martin to attack victims with ransomware, Martino also abused his role as a negotiator for victims of ransomware by sharing confidential victim information with threat actors to increase the value of the ransom paid,” the DOJ said.

Because of his deeper involvement in the scheme, Martino could face a higher sentence. His sentencing is set for July 9.

The sentencing follows broader efforts by U.S. authorities to disrupt BlackCat. In 2023, the FBI seized infrastructure and released a decryption tool that helped victims recover systems and avoid an estimated $99 million in ransom payments.

You may also like to read:

Ransomware ‘Negotiator’ Faces 20 Years in Prison for Allegedly Betraying His Employers

Global Scam Crackdown: 276 Arrested, Crypto Fraud Networks Dismantled

FBI: Cybercrime Losses Hit a Record $21 Billion Last Year, Fueled by AI