Two cybersecurity guys plead guilty to being hackers all along
They pleaded guilty to orchestrating a string of ransomware attacks in 2023 that netted them about $1.2 million in Bitcoin.
Two former cybersecurity professionals have admitted they were secretly running ransomware attacks on the side.
According to an announcement this week from the US Department of Justice, Ryan Goldberg, 40, and Kevin Martin, 36, pleaded guilty to orchestrating a string of ransomware attacks in 2023 that netted them about $1.2 million in Bitcoin.
Here’s the part that makes security teams everywhere groan into their coffee: one of the defendants was literally a ransomware negotiator.
Martin and an unnamed co-conspirator worked at Digital Mint, a company that helps organizations survive ransomware attacks.
Goldberg, meanwhile, was an incident response manager at Sygnia Cybersecurity Services. Their day jobs involved cleaning up cybercrime. Their alleged night job was committing it.
The trio used the infamous ALPHV / BlackCat ransomware, encrypting victims’ systems and stealing data before demanding massive payouts.
BlackCat operates like a startup accelerator for hackers: the developers build and maintain the malware, while affiliates do the dirty work and share the profits.
It’s ransomware, but with revenue sharing.
Ironically, 2023 was also the year the Federal Bureau of Investigation rolled out a decryption tool designed to help victims recover data locked up by BlackCat, a move that likely made life much harder for criminals relying on it.
Prosecutors say the group targeted a wide range of victims across the US, including a medical device company, a pharmaceutical firm, a doctor’s office, an engineering company, and even a drone manufacturer.
In one case, they successfully extorted $1.2 million, proving that insider knowledge is, unfortunately, very valuable.
“These defendants used their sophisticated cybersecurity training to commit the very crimes they were supposed to prevent,” the DOJ said, in what may be the understatement of the year.
Goldberg and Martin pleaded guilty to conspiracy to extort, a charge that carries a maximum sentence of 20 years in prison. (Via: The Verge)
They’ll find out their fate on March 12th, 2026, plenty of time for the cybersecurity industry to quietly update its trust issues.
