- Three men allegedly deployed ALPHV ransomware against US firms, demanding cryptocurrency ransoms
- Victims included medical, pharma, engineering, and drone firms; one paid $1.2 million
- Charges carry up to 20 years; Goldberg confessed and was caught trying to flee
Three cybersecurity professionals have been accused of working as affiliates for the dreaded ALPHV (BlackCat) ransomware gang, deploying encryptors against multiple US organizations.
A US federal indictment filed in the Southern District of Florida claims two defendants - Ryan Clifford Goldberg of Georgia, and Kevin Tyler Martin of Texas, together with a third co-conspirator, hacked into company networks, stole data, encrypted it with ALPHV ransomware, and demanded cryptocurrency ransoms.
While the indictment does not describe either as cybersecurity professionals, the Chicago Sun-Times claims both Martin and the unnamed co-conspirator worked at DigitalMint as ransomware threat negotiators, while Goldberg was a former Sygnia incident response manager.
20 years in prison
Their victims included at least five companies: a medical device company from Florida (demanded $10 million in ransom, ended up paying around $1.2 million), a pharmaceutical company from Maryland, a doctor’s office and an engineering company in California, and a drone manufacturer based in Virginia.
Since all five companies were engaged in interstate commerce, the case falls under federal jurisdiction, it was explained.
The payments were allegedly laundered through multiple cryptocurrency wallets to hide their origins.
The three are facing serious prison time. They are being charged with “conspiracy to interfere with interstate commerce by extortion”, “interference with ecommerce by extortion”, and “intentional damage to a protected computer”. The first two carry prison sentences of up to 20 years, while the third one 10 years.
Martin has pled not guilty, while Goldberg has been in federal custody since September 2023.
Citing an FBI affidavit, CyberInsider reported Goldberg admitted taking part in the attacks during a June 2025 FBI interview and even said that he was recruited by the co-conspirator. He allegedly tried to flee the country with his wife after the interview, when he was apprehended.
Via BleepingComputer
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!
And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.
