CP
cyberpings
Malware & RansomwareHIGH

Ransomware Negotiator Allegedly Extorted Victims for Millions

SCSC Media
Angelo John Martino IIIDigitalMintALPHVBlackCatransomware
🎯

Basically, a negotiator for ransomware attacks is accused of stealing money from victims instead of helping them.

Quick Summary

A ransomware negotiator is accused of extorting victims for millions. DigitalMint claims ignorance of his actions. This scandal raises serious concerns about trust in cybersecurity professionals.

How It Works

In a shocking turn of events, Angelo John Martino III, a ransomware? negotiator for DigitalMint, has been accused of engaging in extortion? while negotiating ransoms for victims. Authorities allege that Martino conducted over 10 ransomware attacks and conspired with other cybersecurity professionals to extort a staggering $75.25 million from victims. This case highlights a disturbing trend where individuals in positions meant to help victims are instead exploiting them for personal gain.

Martino reportedly obtained an affiliate account? with the notorious ALPHV or BlackCat ransomware? group. This group is known for its sophisticated attacks and high ransom demands. By negotiating ransoms on behalf of victims while simultaneously orchestrating attacks against them, Martino blurred the lines between victim assistance and criminal activity. His actions raise serious questions about trust in the cybersecurity industry.

Who's Being Targeted

The victims of Martino's alleged schemes include businesses and organizations that fell prey to ransomware? attacks. These entities often rely on negotiators to help them navigate the complexities of ransom payments and recovery. Instead of receiving help, they may have been manipulated into paying ransoms that lined Martino's pockets.

DigitalMint, the company that employed Martino, claims it was unaware of his involvement in any ransomware? schemes prior to his hiring. This situation underscores the risks organizations face when hiring cybersecurity professionals without thorough vetting. Trust is paramount in this field, and breaches of that trust can lead to significant financial and reputational damage.

Signs of Infection

For organizations, recognizing the signs of ransomware? infection is crucial. Common indicators include:

  • Unusual file encryption: Files become inaccessible or are replaced with ransom notes.
  • Unexpected system behavior: Slow performance or strange pop-ups may signal an attack.
  • Unexplained network activity: Increased outgoing traffic could indicate data exfiltration.

Organizations must remain vigilant and ensure they have robust security measures in place. Regular training for employees on recognizing phishing attempts and suspicious behavior can help mitigate risks.

How to Protect Yourself

To safeguard against ransomware? attacks, organizations should implement several best practices:

  • Regular backups: Ensure that data is backed up frequently and stored securely offline.
  • Incident response plans: Develop and rehearse plans for responding to ransomware? incidents.
  • Employee training: Educate staff on recognizing phishing attempts and safe online practices.

Moreover, organizations should consider employing third-party negotiators with proven track records. Conducting thorough background checks can help prevent hiring individuals who may have ulterior motives. As the landscape of cyber threats evolves, staying informed and prepared is essential for any organization to defend against ransomware? attacks.

💡 Tap dotted terms for explanations

🔒 Pro insight: This case exemplifies the blurred lines in cybersecurity roles, emphasizing the need for stringent vetting processes in hiring practices.

Original article from

SC Media

Read Full Article

Share

Related Pings

HIGHMalware & Ransomware

SmartApeSG Campaign Deploys Remcos RAT via ClickFix Page

A new campaign is using a fake ClickFix page to spread Remcos RAT. Individuals and organizations are at risk of remote access and data theft. Stay vigilant and protect your systems from this growing threat.

SANS ISC Full Text·
HIGHMalware & Ransomware

New VENON Malware Targets Brazilian Banking Users

A new malware called VENON is targeting Brazilian banking users. This Rust-based threat employs advanced techniques to steal sensitive information. Stay alert and protect your accounts from this evolving danger.

SC Media·
HIGHMalware & Ransomware

FBI Investigates Malware Spread Through Steam Games

The FBI is investigating malware hidden in Steam games. Gamers who installed these titles may have had their accounts compromised. If you played these games, report your experience to help the investigation.

BleepingComputer·
HIGHMalware & Ransomware

Credential Theft: Storm-2561 Spoofs VPN Clients to Steal Logins

A new cybercrime group is spoofing VPN clients to steal user credentials. Cisco and Fortinet users are particularly at risk. Stay alert and ensure you’re downloading software from official sources to protect your data.

The Register Security·
HIGHMalware & Ransomware

Ransomware Responder Allegedly Aided BlackCat Cybercriminals

A cybersecurity responder allegedly aided BlackCat hackers in negotiating higher ransoms. This shocking breach of trust has raised alarms in the industry. DigitalMint has since terminated the involved parties and is enhancing oversight.

The Record·
HIGHMalware & Ransomware

Authorities Disrupt SocksEscort Proxy Service Linked to AVrecon Botnet

Authorities have disrupted the SocksEscort proxy service tied to the AVrecon botnet. This operation affected around 360,000 devices globally. Criminals used these compromised devices for various illegal activities, leading to significant financial losses for victims.

Security Affairs·