U.S. prosecutors have filed charges against two individuals who worked as ransomware negotiators at a cybersecurity firm, accusing them of launching ransomware attacks against U.S. companies. The Department of Justice indicted Kevin Tyler Martin and another employee from DigitalMint for computer hacking and extortion related to attempted ransomware attacks on at least five U.S.-based companies. Additionally, Ryan Clifford Goldberg, a former incident response manager at Sygnia, was implicated in the scheme.
The accused individuals are alleged to have hacked into companies, stolen sensitive data, and deployed ransomware developed by the ALPHV/BlackCat group. This group operates a ransomware-as-a-service model, where they provide the malware, and affiliates like the indicted employees carry out the attacks. The FBI affidavit revealed that the rogue employees received over $1.2 million in ransom payments from one victim, a medical device manufacturer in Florida, and targeted other companies as well.
Sygnia confirmed Goldberg’s employment and subsequent termination in connection with the ransomware incidents. DigitalMint’s president acknowledged Martin’s employment during the alleged hacks but clarified that Martin was acting independently.
Source: TechCrunch