A federal district court in the Southern District of Florida accepted guilty pleas from two cybersecurity professionals who turned their expertise against the businesses they were supposed to protect.
Ryan Goldberg, 40, of Georgia, and Kevin Martin, 36, of Texas, admitted to conspiring to obstruct commerce through extortion in connection with ransomware attacks conducted throughout 2023.
The defendants leveraged their advanced cybersecurity training to deploy ALPHV BlackCat ransomware against multiple victims across the United States between April and December 2023.
Working alongside an unnamed co-conspirator, they operated as affiliates within the ransomware-as-a-service model, agreeing to pay ALPHV BlackCat administrators a 20% share of ransom proceeds in exchange for access to the ransomware and extortion infrastructure.
Extortion Campaign Details
The trio successfully extorted approximately $1.2 million in Bitcoin from one victim, splitting their 80% share three ways before laundering the cryptocurrency through various channels.
Their backgrounds in cybersecurity gave them specialized knowledge of network defenses and vulnerabilities, which they exploited to compromise victim systems rather than defend against them.
ALPHV, also known as BlackCat, targeted over 1,000 victims worldwide through a sophisticated ransomware-as-a-service operation.
Developers maintained the malware and illicit infrastructure, while affiliates like Goldberg and Martin identified high-value targets and executed attacks.
After successful extortion, developers and affiliates divided the ransom payments according to pre-established agreements.
The Justice Department previously disrupted ALPHV BlackCat operations in December 2023, when the FBI developed a decryption tool that was distributed to hundreds of victims through field offices and international law enforcement partners.
This intervention saved victims approximately $99 million in ransom payments. At the same time, the FBI simultaneously seized multiple websites operated by the ransomware group.
Both defendants pleaded guilty to one count of conspiracy to obstruct commerce by extortion under 18 U.S.C. § 1951(a). Sentencing is scheduled for March 12, 2026, with each facing a maximum penalty of 20 years in prison.
The FBI Miami Field Office leads the investigation with assistance from the U.S. Secret Service, while prosecutors from the Justice Department’s Computer Crime and Intellectual Property Section handle the case.
Follow us on Google News, LinkedIn, and X to Get Instant Updates and Set GBH as a Preferred Source in Google.