Two cybersecurity professionals who leveraged their specialized training to extort American businesses instead of protecting them pleaded guilty Monday in federal court.
Ryan Goldberg, 40, of Georgia, and Kevin Martin, 36, of Texas, entered guilty pleas in the Southern District of Florida, admitting to a conspiracy that utilized the notorious ALPHV BlackCat ransomware to freeze victim networks and demand massive payouts.
According to the Department of Justice, the defendants were not typical hackers operating from overseas shadows. Both men worked legitimate jobs in the cybersecurity industry. Prosecutors say they used that “trusted access” and technical know-how to launch attacks from within the United States between April and December 2023.
READ: Trap Sprung: Texas Man Allegedly Handed Bomb Parts To Undercover Agent Posing As ISIS Fighter
“These defendants used their sophisticated cybersecurity training and experience to commit ransomware attacks — the very type of crime that they should have been working to stop,” said Assistant Attorney General A. Tysen Duva.
The ‘BlackCat’ Connection
Court documents reveal the pair, along with a third co-conspirator, operated as affiliates for the ALPHV BlackCat ransomware group. Under a “ransomware-as-a-service” model, the duo deployed malware created by the group’s developers to lock down target systems.
In one instance detailed by prosecutors, Goldberg and Martin successfully extorted a victim for approximately $1.2 million in Bitcoin. The business arrangement was strict: the pair paid a 20% cut to the BlackCat administrators for use of the software and platform, then split the remaining 80% share amongst themselves. They subsequently laundered the proceeds to hide the paper trail.
U.S. Attorney Jason A. Reding Quiñones noted the significance of domestic actors participating in these schemes.
READ: Trump Vows Backers Will ‘Wipe Out’ Hamas If Disarmament Fails
“Ransomware is not just a foreign threat — it can come from inside our own borders,” Quiñones said. “Goldberg and Martin used trusted access and technical skill to extort American victims and profit from digital coercion.”
A Wider Net
ALPHV BlackCat has been a primary target for federal law enforcement. The group’s malware has hit over 1,000 victims globally. In December 2023, the FBI released a decryption tool that helped hundreds of victims restore their data, effectively preventing an estimated $99 million in ransom payments.
FBI Special Agent in Charge Brett Skiles, of the Miami Field Office, emphasized that the agency is focused on dismantling the entire ecosystem, from the developers to the affiliates who deploy the code.
“We will continue to leverage our intelligence, law enforcement tools, global presence, and partnerships to counter cybercriminals who seek to harm the American public,” Skiles said.
Goldberg and Martin pleaded guilty to conspiracy to obstruct commerce by extortion. They are scheduled for sentencing on March 12, 2026, where they face a maximum penalty of 20 years in federal prison.
Please make a small donation to the Tampa Free Press to help sustain independent journalism. Your contribution enables us to continue delivering high-quality, local, and national news coverage.
Sign up: Subscribe to our free newsletter for a curated selection of top stories delivered straight to your inbox.
