Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
US prosecutors have charged two rogue employees of a cybersecurity company that specializes in negotiating ransom payments to hackers on behalf of their victims, with carrying out their own ransomware attacks.
Last month, the Department of Justice accused Kevin Tyler Martin and another unnamed employee, who both worked as ransomware consultants at DigitalMint, are charged with three counts of computer hacking and extortion in connection with multiple ransomware attack attempts against at least five US-based companies.
Prosecutors also charged a third man, Ryan Clifford Goldberg, a former incident response manager at cybersecurity giant Cygnia, as part of the scheme.
The three are accused of hacking the company, stealing their sensitive information and deploying ransomware developed by the ALPHV/Blackcat group.
The ALPHV/Blackcat gang operates as a ransomware-as-a-service model, where the gang creates file-encrypting malware used to steal and scramble victims’ data, while its associates — such as the three men charged — run the hacks and deploy the gang’s ransomware. The gang then takes a cut of the profits made from any ransom payments.
According to An FBI affidavit Filed in September, the rogue operatives received more than $1.2 million in ransom payments from a victim at a Florida medical device manufacturer. They also targeted several other companies, including a Virginia-based drone maker and a Maryland-headquartered pharmaceutical company.
Chicago Sun-Times The first accused reported on Sunday.
Cygnia CEO Guy Segal confirmed to TechCrunch that Goldberg was a Cygnia employee and was fired upon learning of his alleged involvement in the Cygnia ransomware attack. The agency declined to comment further, citing the FBI’s ongoing investigation.
DigitalMint president Mark Grenes told TechCrunch that Martin was an employee at the time of the alleged hacks, but said Martin was “acting completely outside the scope of his employment.”
Grenes also confirmed that the unnamed person may be a former employee. DigitalMint is also cooperating with the government’s investigation, Grenes said.
