The U.S. Department of Justice has charged Angelo Martino, a former DigitalMint employee, for his role in a scheme where ransomware negotiators secretly collaborated with the BlackCat cybercrime group. Working alongside other industry insiders, Martino allegedly leaked confidential negotiation details to attackers and shared ransom payments with the gang's administrators.

Angelo Martino surrendered to authorities this week to face charges of conspiracy to interfere with interstate commerce by extortion. Court documents reveal that while serving as a professional negotiator for victims of cyberattacks, Martino was actually working in tandem with the very criminals his clients were trying to thwart. He was previously known only as an unnamed co-conspirator in an earlier indictment involving two other individuals from the cybersecurity and incident response fields.

The investigation uncovered that between 2023 and 2025, the group operated as affiliates for the BlackCat ransomware operation. They targeted at least five American organizations, including medical facilities and school districts, and pocketed significant sums from their victims. In exchange for using the ransomware infrastructure, the group allegedly paid 20 percent of their illicit earnings back to the main BlackCat administrators.

One specific instance highlighted by prosecutors involved a medical device manufacturer in Florida that was coerced into paying a 1.27 million dollar ransom. The defendants reportedly used their insider knowledge to pressure victims, threatening to leak sensitive data if their demands were not met. This dual role allowed them to profit from both the victim's desperation and the criminal organization's tools.

The CEO of DigitalMint issued a statement strongly condemning the actions of the former employees and noting that their employment was terminated as soon as the behavior was discovered. The company has cooperated with law enforcement throughout the investigation and has since implemented stricter internal controls to prevent similar insider threats. They emphasized that such criminal activity violated the core ethical standards of the cybersecurity profession.

The BlackCat ransomware group has been a major focus for federal authorities, having previously extorted hundreds of millions of dollars from over a thousand victims worldwide. This case mirrors past reports of data recovery firms secretly paying off hackers without informing their clients. The legal proceedings for Martino’s accomplices are already underway, with sentencing expected to take place next month.

Source: US Charges Another Ransomware Negotiator Linked To BlackCat Attacks