Two American cybersecurity professionals were sentenced to four years in prison for facilitating BlackCat ransomware attacks in 2023.
They pleaded guilty in December 2025 to one count of conspiracy to obstruct, delay, or affect commerce, or the movement of any article or commodity in commerce, by extortion.
According to court documents, Ryan Goldberg, Kevin Martin, and their co-conspirator Angelo Martino deployed ALPHV/BlackCat ransomware between April and December 2023 against multiple victims across the United States. They agreed to pay ALPHV/BlackCat administrators a 20% share of any ransoms received in exchange for access to the ransomware and its extortion platform. After extorting approximately $1.2 million in Bitcoin from one victim, they split the remaining share and laundered the proceeds.
ALPHV/BlackCat targeted computer networks of more than 1,000 organizations worldwide. The group operated a ransomware-as-a-service model in which developers built and maintained the malware and supporting infrastructure, while affiliates selected targets and carried out attacks. Ransom payments were split between developers and affiliates.
“These defendants exploited specialized cybersecurity knowledge not to protect victims, but to extort them,” said U.S. Attorney Jason A. Reding Quiñones for the Southern District of Florida.
“They used ransomware to lock down critical systems, steal sensitive data, and pressure American businesses into paying to regain access to their own information. Today’s sentence of four years reflects not only the scale of this scheme, but the real harm inflicted on businesses, employees, and victims whose private information was weaponized for profit. In this District, cybercriminals will face federal prison and forfeit the proceeds of their crimes,” Reding Quiñones continued.
This case follows the Justice Department’s December 2023 actions against ALPHV/BlackCat ransomware. The FBI developed a decryption tool that helped victims restore their systems, saving an estimated $99 million in ransom payments. The agency also seized several websites operated by the group at the time.
“Goldberg and Martin leveraged their technical skills and cyber security knowledge to extort millions from victims across the U.S., but the FBI’s global reach ensured that they ultimately faced justice. When Goldberg sought to flee abroad and escape prosecution, the FBI tracked him through 10 countries, demonstrating the lengths we will go to hold cyber criminals accountable and protect victims,” said Assistant Director Brett Leatherman of the FBI’s Cyber Division.
Angelo Martino pleaded guilty in April 2026 to the same charge. He also used his role as a ransomware negotiator to share confidential victim information with threat actors to increase ransom demands. He is scheduled to be sentenced on July 9.
