Skip to main content
COSMICBYTEZLABS
NewsSecurityHOWTOsToolsTraining
StudyProjectsNewsletterHire MeAbout
Subscribe

Press Enter to search or Esc to close

News
Security
HOWTOs
Tools
Training
Study
Projects
Newsletter
Hire Me
About
RSS Feed
Reading List
Subscribe

Stay in the Loop

Get the latest security alerts, tutorials, and tech insights delivered to your inbox.

Subscribe NowFree forever. No spam.
COSMICBYTEZLABS

Your trusted source for IT intelligence, cybersecurity insights, and hands-on technical guides.

1838+ Articles
149+ Guides

CONTENT

  • Latest News
  • Security Alerts
  • HOWTOs
  • Checklists
  • Projects
  • Exam Prep

RESOURCES

  • Search
  • Browse Tags
  • Newsletter Archive
  • Reading List
  • RSS Feed

COMPANY

  • About Us
  • Contact
  • Privacy Policy
  • Terms of Service

© 2026 CosmicBytez Labs. All rights reserved.

System Status: Operational
  1. Home
  2. News
  3. Third US Security Expert Sentenced to Prison for Helping Ransomware Gang
Third US Security Expert Sentenced to Prison for Helping Ransomware Gang
NEWS

Third US Security Expert Sentenced to Prison for Helping Ransomware Gang

Angelo Martino, a former ransomware negotiator turned insider threat, was sentenced to 70 months in federal prison for actively assisting the BlackCat/AlphV ransomware group — the third known case of a US cybersecurity professional imprisoned for aiding a ransomware operation.

Dylan H.

News Desk

July 11, 2026
3 min read

Former Ransomware Negotiator Becomes the Criminal

Angelo Martino, who worked as a ransomware negotiator — a professional who would traditionally help victim organizations navigate extortion demands and minimize damage — has been sentenced to 70 months (nearly six years) in federal prison after being convicted of helping the BlackCat/AlphV ransomware group extort multiple victims.

According to court documents reported by SecurityWeek, Martino did not merely negotiate on behalf of victims. Instead, he used his position of trust to assist the criminal operators: passing information about victim defences, influencing negotiations in favour of the attackers, and facilitating extortion payments that enriched the gang rather than protecting victims.

The Insider Threat Dimension

The case is notable as the third documented instance of a US-based cybersecurity professional being imprisoned for collaboration with a ransomware group. The emerging pattern raises serious concerns within the industry about insider threats in adjacent roles — negotiators, incident responders, and consultants who gain privileged access to victim environments during crises.

Previous cases have involved security contractors who tipped off attackers about patch timelines and a former IR consultant who sold victim network information. Together, these cases illustrate that the ransomware ecosystem actively recruits from the security community, exploiting financial incentives and pre-existing relationships.

BlackCat/AlphV: A Sophisticated RaaS Operation

BlackCat/AlphV operated one of the most technically advanced Ransomware-as-a-Service (RaaS) platforms between 2021 and 2023. Written in Rust for cross-platform capability, it targeted Windows, Linux, and VMware ESXi hypervisors. The FBI disrupted BlackCat infrastructure in late 2023, but the group attempted a brief resurgence before going dark following the Change Healthcare attack — one of the most damaging ransomware incidents in US healthcare history.

Sentencing Details

DetailValue
DefendantAngelo Martino
Sentence70 months federal prison
JurisdictionUS Federal Court
Gang AssistedBlackCat / AlphV (RaaS)
RoleFormer ransomware negotiator

Implications for the Incident Response Industry

The Martino case is expected to prompt increased scrutiny of ransomware negotiation firms and incident response contractors. Industry observers are calling for:

  • Background checks and vetting for all IR personnel with access to victim environments
  • Transparency requirements on financial arrangements between negotiators and ransomware operators
  • Regulatory oversight of the ransomware negotiation industry, which currently operates with minimal formal standards

For CISOs, the takeaway is clear: third-party incident responders and negotiators should be treated as privileged insiders, subject to the same access controls and monitoring applied to internal staff.

Sources

  • SecurityWeek: Third US Security Expert Sentenced to Prison for Helping Ransomware Gang
#Ransomware#Cybercrime#Insider Threat#BlackCat#Law Enforcement

Related Articles

Ryuk Operator Pleads Guilty; BlackCat/AlphV Conspirator Gets Nearly 6-Year Sentence

A Ryuk ransomware operator pleaded guilty in Oregon federal court while a BlackCat/AlphV conspirator received a 70-month prison sentence in Florida, marking twin ransomware enforcement victories in a single day.

3 min read

Cyber Incident Responders Sentenced to 4 Years for Carrying

Two cybersecurity incident responders who abused their trusted positions to secretly carry out ransomware attacks against the organizations they were...

6 min read

US Ransomware Negotiators Get 4 Years in Prison Over

Two former cybersecurity incident responders from Sygnia and DigitalMint were each sentenced to four years in federal prison for leveraging their trusted...

4 min read
Back to all News