Two U.S. Cybersecurity Professionals Plead Guilty to Working asALPHV/BlackCat Affiliates

In a startling betrayal of their profession, two U.S. cybersecurity experts have pleaded guilty to orchestrating ransomware attacks against American businesses.

Ryan Goldberg, 40, of Georgia, and Kevin Martin, 36, of Texas, admitted in a federal district court in Southern Florida that they used their specialized skills to hack companies rather than defend them.

From Defenders to Attackers

The two men worked as affiliates for the notorious ALPHV/BlackCat ransomware gang. Between April and December 2023, they leveraged their advanced knowledge of network vulnerabilities to breach victim systems.

Instead of patching security holes, they exploited them to deploy file-encrypting malware.

The duo operated under the “Ransomware-as-a-Service” (RaaS) model. In this setup, the core BlackCat group provided the malware and infrastructure, while independent affiliates such as Goldberg and Martin identified targets and executed the attacks.

The arrangement was lucrative: affiliates retained an 80% share of ransom payments, with the remaining 20% going to BlackCat administrators.

Court documents reveal that the pair, working with an unnamed co-conspirator, successfully extorted approximately $1.2 million in Bitcoin from a single victim company.

After the victim paid the ransom, the trio split their 80% share and laundered the cryptocurrency through multiple channels to obscure the money trail.

Their actions were part of a broader campaign by ALPHV/BlackCat, a group responsible for targeting over 1,000 victims globally.

The gang was known for its ruthless tactics until the U.S. Department of Justice disrupted its operations in December 2023.

During that operation, the FBI seized the group’s websites and distributed decryption tools that saved victims nearly $99 million in potential ransom payments.

The transition from security professionals to cybercriminals comes at a high cost. Both Goldberg and Martin pleaded guilty to one count of conspiracy to obstruct commerce by extortion.

They are scheduled for sentencing on March 12, 2026, and each faces a maximum penalty of 20 years in federal prison.

The FBI Miami Field Office led the investigation with assistance from the U.S. Secret Service.

Authorities continue to urge organizations to report suspicious activity, emphasizing that cooperation with law enforcement is critical in dismantling these cybercriminal networks.

Follow us on Google News , LinkedIn and X to Get More Instant Updates. Set Cyber Press as a Preferred Source in Google.

The post Two U.S. Cybersecurity Professionals Plead Guilty to Working asALPHV/BlackCat Affiliates appeared first on Cyber Security News.