CP
cyberpings

BlackCat Ransomware - Former Negotiator Pleads Guilty

Angelo Martino, a former ransomware negotiator, has pleaded guilty for his role in BlackCat attacks. His actions impacted several U.S. companies, highlighting the ongoing threat of ransomware extortion. As ransomware tactics evolve, vigilance is crucial for organizations.

Malware & RansomwareHIGHUpdated: Published:
Featured image for BlackCat Ransomware - Former Negotiator Pleads Guilty

Original Reporting

BCBleepingComputer·Sergiu Gatlan

AI Summary

CyberPings AI·Reviewed by Rohit Rana

🎯Basically, a former negotiator helped hackers steal money from companies using ransomware.

How It Works

In 2023, Angelo Martino, a former employee of DigitalMint, was involved in BlackCat (ALPHV) ransomware attacks. This group is notorious for targeting organizations with ransomware, encrypting their data, and demanding hefty ransoms. Martino, along with two accomplices, shared sensitive negotiation details with the attackers, enabling them to maximize ransom amounts.

Who's Being Targeted

The victims of these attacks included a range of U.S. organizations, from financial services firms to medical facilities. Notably, one financial firm paid $25.66 million, while a nonprofit organization was extorted for $26.79 million. This case illustrates how even well-established companies can fall prey to sophisticated ransomware schemes.

Signs of Infection

While the article does not specify signs of infection, organizations often experience sudden data inaccessibility, ransom notes on their systems, or unusual network activity as indicators of a ransomware attack.

How to Protect Yourself

Organizations can take several steps to mitigate the risk of ransomware attacks:

Detection

  • 1.Implement robust cybersecurity training for employees to recognize phishing attempts.
  • 2.Regularly back up data and ensure backups are not connected to the main network.

The Impact of BlackCat

The BlackCat ransomware operation has been linked to over 60 breaches and has reportedly collected at least $300 million in ransom payments from more than 1,000 victims. This highlights the extensive reach and financial impact of ransomware groups.

What’s Next

With Martino's guilty plea, the legal repercussions for those involved in ransomware negotiations are becoming clearer. This case serves as a warning to others in the cybersecurity field about the severe consequences of unethical behavior. As ransomware attacks continue to evolve, organizations must remain vigilant and proactive in their defenses.

🔒 Pro Insight

🔒 Pro insight: This case underscores the critical need for ethical standards in cybersecurity roles, as insider threats can significantly amplify ransomware risks.

BCBleepingComputer· Sergiu Gatlan
Read Original

Share

Related Pings

Preview image for StealTok Malware - TikTok Downloader Extensions Compromised
Malware & Ransomware
HIGH

StealTok Malware - TikTok Downloader Extensions Compromised

A new malware campaign, StealTok, has compromised 130,000 users via fake TikTok downloader extensions. These malicious tools harvest sensitive data. Users are urged to remove these extensions immediately and secure their accounts.

CSCyber Security News
Read PingRead Source
Preview image for NGate NFC Malware - Targets Android Users via Trojanized HandyPay App
Malware & Ransomware
HIGH

NGate NFC Malware - Targets Android Users via Trojanized HandyPay App

A new variant of the NGate malware is exploiting a trojanized version of the HandyPay app to steal NFC payment data from Android users in Brazil. This campaign has been active since November 2025 and utilizes deceptive distribution methods to lure victims.

HNHelp Net Security+1 more
Read PingRead Source
Malware & Ransomware
HIGH

.WAV File - New Malware Delivery Method Discovered

Threat actors are now using .wav files to deliver malware. This new tactic puts users at risk. Stay aware and protect your systems from these threats.

SISANS ISC Full Text+1 more
Read PingRead Source
Preview image for Trojanized TestDisk Installer - Illicit ScreenConnect Deployment
Malware & Ransomware
HIGH

Trojanized TestDisk Installer - Illicit ScreenConnect Deployment

A trojanized TestDisk installer is being used to deploy ScreenConnect, allowing attackers remote access. This poses a significant risk of data theft and unauthorized control. Stay vigilant against such threats.

SCSC Media
Read PingRead Source
Preview image for Gh0st RAT and CloverPlus Adware - New Dual-Payload Malware
Malware & Ransomware
HIGH

Gh0st RAT and CloverPlus Adware - New Dual-Payload Malware

A new malware campaign is delivering both Gh0st RAT and CloverPlus adware simultaneously. This dual threat allows attackers to control systems and generate revenue. Security teams must enhance their defenses against this evolving threat.

CSCyber Security News
Read PingRead Source
Preview image for FUD Crypt - Hackers Generate Microsoft-Signed Malware
Malware & Ransomware
HIGH

FUD Crypt - Hackers Generate Microsoft-Signed Malware

FUD Crypt is a new malware-as-a-service that allows hackers to create Microsoft-signed malware easily. This poses a significant risk as it can bypass security measures. Cybersecurity teams must remain vigilant against these sophisticated threats.

CSCyber Security News
Read PingRead Source