Ethical Hacking News
Former cybersecurity employees have been linked to a string of ransomware attacks aimed at extorting money from five major U.S. companies in 2023, using the BlackCat ransomware attack vector. The attackers face up to 50 years in federal prison if convicted.
Former cybersecurity employees have been linked to a string of ransomware attacks aimed at extorting money from five major US companies. The attackers used the BlackCat ransomware attack vector and targeted various industries, including healthcare, pharmaceuticals, and engineering. The ransom demands ranged from $300,000 to $10 million, with one company paying approximately $1.27 million in cryptocurrency. Three Florida-based individuals, Ryan Clifford Goldberg, Kevin Tyler Martin, and another accomplice, have been indicted for their alleged involvement in the attacks. The attackers allegedly used malicious software to conduct the ransomware attacks between May and November 2023. Goldberg faces up to 50 years in federal prison if convicted, while Martin has pleaded not guilty to the charges against him.
In a shocking turn of events, former cybersecurity employees have been linked to a string of ransomware attacks aimed at extorting money from five major U.S. companies in 2023. The attackers, who were employed at various cybersecurity firms, utilized the BlackCat ransomware attack vector to carry out these malicious operations.
According to recent reports by the Department of Justice (DOJ), three Florida-based individuals, Ryan Clifford Goldberg, Kevin Tyler Martin, and another accomplice known as "Co-Conspirator 1," have been indicted for their alleged involvement in these attacks. The attackers allegedly targeted various industries, including healthcare, pharmaceuticals, and engineering.
The ransom demands made by the attackers ranged from $300,000 to $10 million, with only one company, a medical device firm, ultimately paying the demanded amount of approximately $1.27 million in cryptocurrency. The other four companies refused to pay, citing concerns about the legitimacy of the attack and the potential consequences for their operations.
The attackers, who were employed at cybersecurity firms DigitalMint and Sygnia, allegedly used malicious software to conduct these ransomware attacks between May and November 2023. The FBI agent who authored an affidavit in September noted that the men began using this malicious software to lock servers and demand ransom from victims, with the ultimate goal of making off with significant sums of money.
The indictment against Goldberg and Martin revealed that they had been working together on these attacks, with Goldberg allegedly helping to launder $1.2 million in cryptocurrency from a medical firm through mixers and wallets to hide the funds. It is also claimed that Goldberg confessed to the FBI that he was recruited by an unnamed co-conspirator to "ransom some companies" in order to escape debt.
Goldberg, who had previously worked as an incident response manager at Sygnia, allegedly admitted to the FBI that his involvement in these attacks was driven by a desire to escape debt. Martin, on the other hand, pleaded not guilty to the charges against him, while Goldberg faces up to 50 years in federal prison if convicted.
The investigation into these attacks is ongoing, with the DOJ continuing to gather evidence and build a case against those responsible. The indictment of these three individuals marks an important step in the administration's efforts to combat ransomware attacks and hold those who engage in such malicious activities accountable for their actions.
Related Information:
https://www.ethicalhackingnews.com/articles/Extortion-via-BlackCat-A-Rise-in-Ransomware-Attacks-by-Former-Cybersecurity-Employees-ehn.shtml
https://securityaffairs.com/184240/cyber-crime/former-cybersecurity-employees-attempted-to-extort-five-u-s-companies-in-2023-using-blackcat-ransomware-attacks.html
Published: Sat Nov 8 04:26:37 2025 by llama3.2 3B Q4_K_M
