Former Ransomware Negotiator in Florida Pleads Guilty to Extortion and Cyberattacks

A South Florida man has pleaded guilty to conspiring with multiple ransomware affiliates to attack and extort payments from the same U.S. companies he was hired to represent as a ransomware negotiator for DigitalMint in 2023, the U.S. Department of Justice announced on Monday.

Angelo John Martino III, 41, shared confidential details about victim organizations’ internal negotiating positions and insurance policy limits he obtained during his role at DigitalMint. According to his plea agreement, he used this insider information to help himself and other BlackCat ransomware affiliates extract maximum ransom payments.

Five of Martino’s victims had hired DigitalMint, which assigned him to conduct ransomware negotiations on their behalf—a rare dual role he exploited to deceive both sides. DigitalMint, which has not been accused of any involvement in the crimes, terminated Martino the day after the Justice Department notified the company of its investigation in April 2025.

Victims and Extorted Amounts

The five U.S.-based victims, operating in nonprofit, hospitality, financial services, retail, and medical industries, all paid ransoms after unwittingly hiring Martino to negotiate on their behalf. Prosecutors stated that Martino’s actions contributed to a combined total of $75.3 million in extorted ransom payments, including:

• A nearly $26.8 million payment from an unnamed nonprofit organization.
• A nearly $25.7 million payment from an unnamed financial services company.

Additionally, Martino admitted to conspiring with Kevin Tyler Martin, another former DigitalMint ransomware negotiator, and Ryan Clifford Goldberg, a former incident response manager at Sygnia, to deploy BlackCat ransomware (also known as ALPHV) against five additional U.S. companies between April and November 2023.

Martin and Goldberg pleaded guilty in December to participating in a series of ransomware attacks and are scheduled for sentencing on April 30.

Justice Department Statement on Betrayal of Trust

“Angelo Martino’s clients trusted him to respond to ransomware threats and help thwart and remedy them on behalf of victims. Instead, he betrayed them and began launching ransomware attacks himself by assisting cybercriminals and harming victims, his own employer, and the cyber incident response industry itself.”

A. Tysen Duva, Assistant Attorney General for the Justice Department’s Criminal Division, made this statement.

Exploiting the Dark Side of Ransomware Negotiation

The case against Martino highlights an extreme, though rare, example of the risks associated with ransomware negotiation as a practice. Officials emphasized that such backchannel negotiations, which often go unscrutinized, can lead to severe consequences for victims and the cybersecurity industry.

Prosecutors provided examples of Martino’s betrayal, including chats where he advised a BlackCat affiliate on a victim’s insurance limits. In one instance, Martino told an affiliate that the victim’s insurance carrier “was only approving small accounts” and promised to share the maximum amount the victim was willing to pay. He stated, “We don’t know how you came up with the number, but it’s the max.”

DigitalMint has not responded to requests for comment regarding Martino’s guilty plea.