Hackers News Hackers News
  • CyberSecurity News
  • Threats
  • Attacks
  • Vulnerabilities
  • Breaches
  • Comparisons

Social Media

Hackers News Hackers News
  • CyberSecurity News
  • Threats
  • Attacks
  • Vulnerabilities
  • Breaches
  • Comparisons
Search the Site
Popular Searches:
technology Amazon AI
Recent Posts
AI-powered Forg365 Phishing Platform Targets Microsoft 365 Accounts
July 11, 2026
Dell BIOS Critical Flaw Exposes Admin Passwords From SPI Flash
July 11, 2026
CISA Report Details Lessons Learned From AWS GovCloud Credential Leak
July 11, 2026
Home/Threats/DOJ Sentences Two Americans to Prison for ALPHV BlackCat Ransomware Attacks
Threats

DOJ Sentences Two Americans to Prison for ALPHV BlackCat Ransomware Attacks

Key Takeaways Two U.S. citizens received four-year federal prison sentences for their involvement in ALPHV BlackCat ransomware attacks against American businesses. The convicted individuals, Ryan...

Marcus Rodriguez
Marcus Rodriguez
May 4, 2026 3 Min Read
50 0

Key Takeaways

  • Two U.S. citizens received four-year federal prison sentences for their involvement in ALPHV BlackCat ransomware attacks against American businesses.
  • The convicted individuals, Ryan Goldberg and Kevin Martin, had pleaded guilty to conspiracy charges related to extortion.
  • ALPHV BlackCat, a sophisticated, Rust-based ransomware-as-a-service (RaaS) operation, targeted over 1,000 victims globally, including critical medical and engineering sectors.
  • A third co-conspirator, Angelo Martino, awaits sentencing for allegedly leveraging his role as a ransomware negotiator to aid the attackers.
  • The FBI previously disrupted ALPHV BlackCat by providing a decryption tool to victims, saving nearly $100 million in potential ransom payments.

DOJ Sentences Cybercriminals Behind ALPHV BlackCat Ransomware Attacks

In a significant move against cybercrime, the U.S. Department of Justice (DOJ) announced on April 30, 2026, the sentencing of two American individuals to four years in federal prison. These convictions stem from their direct participation in ransomware campaigns that crippled numerous U.S. enterprises using the notorious ALPHV BlackCat ransomware.

Table Of Content

  • Key Takeaways
  • DOJ Sentences Cybercriminals Behind ALPHV BlackCat Ransomware Attacks
  • The Convictions and Guilty Pleas
  • The ALPHV BlackCat Modus Operandi
  • Widespread Impact and Financial Gains
  • Law Enforcement’s Response and Ongoing Investigations

The Convictions and Guilty Pleas

The DOJ confirmed that Ryan Goldberg, 40, of Georgia, and Kevin Martin, 36, of Texas, received their sentences after pleading guilty in December 2025. Both individuals admitted to conspiracy charges linked to ransomware-based extortion schemes targeting American companies. This sentencing underscores the U.S. government’s resolve to prosecute those who exploit digital vulnerabilities for financial gain.

Further details on the convictions are available in the official Department of Justice announcement, which can be accessed here.

The ALPHV BlackCat Modus Operandi

ALPHV BlackCat emerged in late 2021, quickly establishing itself as one of the most advanced ransomware operations globally. Developed in the Rust programming language, its cross-platform compatibility (Windows and Linux) allowed it to adapt to diverse network environments. The ransomware propagated through various initial access vectors, including compromised credentials, sophisticated phishing campaigns, and poorly secured remote desktop protocol (RDP) services.

Upon gaining entry, ALPHV BlackCat operators would conduct lateral movement within the network, disable security measures, and encrypt vital files. Ransom demands, typically in cryptocurrency, followed these actions. The group operated a sophisticated ransomware-as-a-service (RaaS) model, enabling affiliates to deploy the malware in exchange for a percentage of the collected ransom. Additional details on the group’s operations can be found in the same DOJ document.

Widespread Impact and Financial Gains

The destructive reach of ALPHV BlackCat was extensive, impacting over 1,000 victims worldwide. Court records reveal that targeted entities included vital medical and engineering service providers across the United States. In one instance, patient data from a healthcare provider was leaked after the organization refused to pay the ransom. Goldberg and Martin, alongside co-conspirator Angelo Martino, 41, of Florida, successfully extorted approximately $1.2 million in Bitcoin from a single victim. The three men then laundered the funds and split 80 percent of the proceeds.

Law Enforcement’s Response and Ongoing Investigations

Analysts and investigators from Justice.gov and the FBI Miami Field Office meticulously documented the criminal enterprise. A striking revelation was that all three defendants possessed professional cybersecurity experience, which they perverted to attack the very types of organizations they were trained to protect. The FBI’s pursuit of Goldberg spanned ten countries after he attempted to evade prosecution by fleeing abroad, demonstrating the unwavering commitment of U.S. law enforcement to hold cybercriminals accountable.

The ALPHV BlackCat RaaS model presented unique challenges for

Disclaimer: HackersRadar reports on cybersecurity threats and incidents for informational and awareness purposes only. We do not engage in hacking activities, data exfiltration, or the hosting or distribution of stolen or leaked information. All content is based on publicly available sources.

Tags:

AttackCybersecurityMalwarephishingransomwareSecurityThreat

Share Article

Marcus Rodriguez

Marcus Rodriguez

Marcus is a security researcher and investigative journalist with expertise in vulnerability research, bug bounties, and cloud security. Since 2017, Marcus has been breaking stories on critical vulnerabilities affecting major platforms. His investigative work has led to the disclosure of numerous security flaws and improved defenses across the industry. Marcus is an active participant in bug bounty programs and has been recognized for responsible disclosure practices. He holds multiple security certifications and regularly speaks at industry events.

Previous Post

Critical SAP npm Vulnerabilities Let Attackers Steal GitHub, Cloud, AI Secrets

Next Post

New xlabs_v1 Botnet Targets Minecraft Servers via ADB-Exposed Android Devices

No Comment! Be the first one.

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Popular Posts
Critical OpenClaw Vulnerability Lets Attackers Hijack WhatsApp Via One Message
July 11, 2026
Progress Urges ShareFile Server Shutdown Over Critical Vulnerability
July 11, 2026
Critical Citrix Bleed Vulnerability Exploited for Ransomware Attacks
July 11, 2026
Top Authors
Marcus Rodriguez
Marcus Rodriguez
Jennifer sherman
Jennifer sherman
Emy Elsamnoudy
Emy Elsamnoudy
Let's Connect
156k
2.25m
285k

Related Posts

Jennifer sherman
By Jennifer sherman
Threats

GlassWorm Attacks macOS via Malicious VS Code…

January 1, 2026
Emy Elsamnoudy
By Emy Elsamnoudy
Attacks

ClickFix Attack Hides Malicious Code via Stegan Security

January 1, 2026
Sarah simpson
By Sarah simpson
Vulnerabilities

MongoBleed Detector Tool Released to Detect MongoDB Vulnerability(CVE-2025-14847)

January 1, 2026
Emy Elsamnoudy
By Emy Elsamnoudy
Breaches

Conti Ransomware Gang Leaders & Infrastructure Exposed

January 1, 2026
Hackers News Hackers News
  • [email protected]

Quick Links

  • Contact Us
  • Privacy Policy
  • Terms of service

Categories

Attacks
Breaches
Comparisons
CyberSecurity News
Threats
Vulnerabilities

Let's keep in touch

receive fresh updates and breaking cyber news every day and week!

All Rights Reserved by HackersRadar ©2026

Follow Us