Angelo Martino, 41, of Land O’Lakes, Florida, pleaded guilty April 21 to conspiring with the BlackCat/ALPHV ransomware gang to extort U.S. companies he was hired to protect, making him the third cybersecurity professional to plead guilty in the scheme, the Justice Department said.
🚨 BREAKING: #BreakingNews Florida man Angelo Martino, former ransomware negotiator, pleads guilty to conspiring with BlackCat gang to deploy ransomware, extort US victims & maximize profits by leaking confidential info. Worked with Ryan Goldberg & Kevin Martin.[117 chars]… pic.twitter.com/LgX9yGHRVN
— Archange Shadow (@Archange_Shadow) April 21, 2026
Martino worked as a negotiator at DigitalMint, an Illinois-based incident response firm. From April 2023, he fed BlackCat operators confidential client data on five victims, including insurance policy limits and negotiating strategies, to inflate ransom payments, the Justice Department said.
“Angelo Martino’s clients trusted him to respond to ransomware threats and thwart them on behalf of victims,” Assistant Attorney General A. Tysen Duva said. “Instead, he betrayed them and began launching ransomware attacks himself.”
Martino also pleaded guilty to deploying BlackCat ransomware alongside Kevin Tyler Martin of DigitalMint and Ryan Clifford Goldberg, an incident response manager at Sygnia.
In one case, the three extorted a victim for $1.2 million in Bitcoin and divided the proceeds. A nonprofit and a financial services firm paid totals exceeding $25 million, prosecutors said.
Authorities seized more than $10 million in Martino’s assets, including digital currency, vehicles, a food truck, and a luxury fishing boat. Martino faces a 20-year maximum, with sentencing set for July 9, 2026. Martin and Goldberg pleaded guilty in December 2025, with sentencing expected later this month.
The Justice Department called the case “groundbreaking” and said officials are considering roundtables with cybersecurity firms on insider threat prevention. A senior DOJ official told CNN the department is also examining at least one unrelated industry fraud case, with charges possible.
Magnus Jelen, an executive at incident response firm Coveware, told CNN that ransomware gangs have a history of building direct relationships with negotiation firms. “When these incentive structures operate out of sight, it is the victims who bear the consequences,” Jelen said.
