Angelo John Martino III, a 41-year-old former negotiator at DigitalMint, faces federal charges for allegedly orchestrating at least 10 ransomware attacks that netted $75.25 million in payments. Prosecutors claim he played both sides by negotiating on behalf of victims he had personally targeted through his secret affiliation with the ALPHV ransomware group.

A 41-year-old South Florida man named Angelo John Martino III has been accused of conducting at least 10 ransomware attacks and helping accomplices extort a combined 75.25 million dollars in ransom payments. While working as a professional ransomware negotiator for the firm DigitalMint, Martino allegedly held a secret affiliate account with the cybercriminal group ALPHV, also known as BlackCat. According to federal court records unsealed on Wednesday, this position allowed him to lead negotiations for five victims who had unknowingly hired his firm to resolve the very attacks he helped facilitate.

Martino is alleged to have conspired with other former cybersecurity professionals to infiltrate corporate networks, steal sensitive data, and encrypt files over a six-month period in 2023. By operating as both the attacker and the negotiator, prosecutors say he was able to use confidential information from his clients to maximize the final ransom amounts paid to his criminal associates. The victims of this dual-sided scheme included a nonprofit organization and various companies within the hospitality, financial services, retail, and medical industries, all of whom ultimately paid the demanded ransoms.

The case links Martino to a broader investigation involving other former industry professionals who turned to cybercrime. He was previously an unnamed co-conspirator in an indictment filed in November 2025 against Kevin Tyler Martin, another negotiator at DigitalMint, and Ryan Clifford Goldberg, who served as a manager of incident response at the firm Sygnia. While Martin and Goldberg pleaded guilty in December to participating in several ransomware attacks, they were not specifically named as co-conspirators in the five cases where Martino allegedly negotiated against his own clients.

Court documents highlight the specialized nature of the group's tactics, noting that the conspirators leveraged their professional backgrounds in cybersecurity to bypass defenses and manage the extortion process efficiently. While Goldberg and Martin are scheduled for sentencing on April 30 for their roles in separate successful extortions, the charges against Martino represent a significant breach of trust within the incident response industry. Prosecutors emphasize that his actions prioritized personal profit from criminal activities over his fiduciary duty to the organizations that hired him for protection.

Following the unsealing of the records, Martino's attorney did not immediately provide a comment regarding the allegations. The investigation continues to reveal the extent of the financial damage caused by the group, which far exceeded the 1.3 million dollars previously linked to his associates. As the legal proceedings move forward, the case serves as a stark warning about the potential for internal corruption within the niche field of ransomware negotiation and cyber insurance recovery.

Source: Feds Allege DigitalMint Negotiator Ran Ransomware Attacks and Extorted $75M