Cyber Pros Plead Guilty as ALPHV/Black Security

This is a pretty wild story, actually. A federal court down in the Southern District of Florida just accepted guilty pleas from two cybersecurity professionals. And here’s the twist: instead of using their expertise to *stop* ransomware attacks, they were actually using those very skills to *conduct* them. Talk about a betrayal of trust, right?

Ryan Goldberg, 40, from Georgia, and Kevin Martin, 36, from Texas, pleaded guilty to conspiracy to commit extortion through ransomware operations.

Between April and December 2023, Goldberg and Martin, along with a third conspirator, deployed the ALPHV BlackCat ransomware against multiple U.S. victims.

The defendants leveraged their knowledge of computer security to exploit vulnerable systems rather than protect them.

They agreed to pay ALPHV BlackCat administrators 20% of all ransom payments in exchange for access to the ransomware and the group’s extortion platform.

After successfully extorting one victim for approximately $1.2 million in Bitcoin, the three men split their 80% share of the ransom and laundered the proceeds through various channels.

This case demonstrates a troubling trend where insiders weaponize their technical skills for criminal purposes.

ALPHV BlackCat operates as a ransomware-as-a-service model, meaning developers maintain the malware and infrastructure. At the same time, affiliates identify and attack high-value targets.

The group has targeted over 1,000 victims worldwide, causing extensive financial damage across industries. The Justice Department has prioritized disrupting ALPHV BlackCat operations.

In December 2023, the FBI developed a decryption tool that helped hundreds of victims restore their systems without paying ransoms, saving approximately $99 million. The FBI also seized several websites operated by the criminal group.

Goldberg and Martin each face up to 20 years in prison for conspiracy to commit extortion. They are scheduled to be sentenced on March 12, 2026.

The investigation was led by the FBI’s Miami Field Office, with assistance from the U.S. Secret Service, underscoring a multi-agency approach to combating ransomware threats.

This case underscores a critical security concern: trusted cybersecurity professionals can pose a threat when compromised.

Organizations must implement stringent background checks, monitoring, and ethical training for security personnel.

The guilty pleas send a clear message that domestic ransomware operators will be prosecuted and held accountable, regardless of their technical expertise or industry position.