Ethical Hacking News
The Department of Justice (DOJ) has launched an investigation into a former employee of DigitalMint, a company that specializes in ransomware negotiation. The suspect is accused of working with ransomware gangs to profit from extortion kickbacks, sparking concerns among law enforcement agencies and cybersecurity experts.
The Department of Justice (DOJ) is investigating a former employee of DigitalMint for allegedly working with ransomware gangs to profit from extortion kickbacks. DigitalMint, a company that specializes in ransomware negotiation and facilitating cryptocurrency payments, is under scrutiny for its involvement in these negotiations. The investigation alleges that DigitalMint would receive a cut of the ransom paid by companies affected by ransomware attacks, making them complicit in extortion schemes. A previous report by ProPublica highlighted issues with US data recovery firms paying ransomware gangs while charging clients without disclosing these payments. The CEO of Coveware warns that business models with financial incentives for larger transaction volume and higher fees are vulnerable to abuse. The investigation has sparked concerns among law enforcement agencies, cybersecurity experts, and the public about the use of ransomware negotiation services.
The Department of Justice (DOJ) has launched an investigation into a former employee of DigitalMint, a Chicago-based incident response and digital asset services company that specializes in ransomware negotiation and facilitating cryptocurrency payments. The suspect, who was allegedly involved in negotiating ransom payments with ransomware gangs, is accused of working with these groups to profit from extortion kickbacks.
The investigation, which began earlier this year, involves allegations that the suspect worked with ransomware gangs to negotiate payment deals on behalf of companies affected by ransomware attacks. In return for their services, DigitalMint would allegedly receive a cut of the ransom paid by the company, making them complicit in the extortion scheme.
DigitalMint, which has been operating since 2017, claims to have conducted over 2,000 ransomware negotiations during that time. However, the company's involvement in these negotiations has now come under scrutiny, with some law and insurance firms warning clients against using DigitalMint while the investigation is ongoing.
The allegations against DigitalMint are not new, however. A 2019 report by ProPublica revealed that some US data recovery firms were secretly paying ransomware gangs while charging clients for data restoration services without disclosing the payments made to the attackers. These ransomware payments were significantly lower than the multi-million-dollar ransom payments made by companies today.
In response to these allegations, Coveware's CEO, Bill Siegel, stated that business models that do not utilize a fixed-fee structure are vulnerable to abuse. "Business models that are financially incentivized towards larger transaction volume and higher transaction size do NOT fit within the incident response industry," Siegel said. "This moral hazard has been present for years and has manifested itself several times, but it's always the same underlying issue. If an intermediary earns a large fixed percentage of a ransom, objective advice is not going to follow."
Siegel also emphasized that paying a ransom demand can often be the wrong decision for any company, which can be challenging to communicate to companies dealing with ransomware attacks.
The investigation into DigitalMint's former employee has sparked concerns among law enforcement agencies and cybersecurity experts. The FBI declined to comment on the matter when contacted earlier this week, while BleepingComputer was unable to confirm the story due to the ongoing nature of the investigation.
As the investigation continues, it remains to be seen what consequences will be faced by DigitalMint's former employee and whether the company's involvement in ransomware negotiations has been compromised. One thing is certain, however: the use of ransomware negotiation services has become increasingly complex, with companies and individuals facing new challenges in navigating these complex web of extortion kickbacks.
Related Information:
https://www.ethicalhackingnews.com/articles/The-Department-of-Justice-Cracks-Down-on-Ransomware-Negotiators-A-Complex-Web-of-Extortion-Kickbacks-ehn.shtml
https://www.bleepingcomputer.com/news/security/doj-investigates-ex-ransomware-negotiator-over-extortion-kickbacks/
https://www.techspot.com/news/108540-ransomware-negotiator-allegedly-struck-deals-hackers-profit-extortion.html
Published: Wed Jul 2 22:19:49 2025 by llama3.2 3B Q4_K_M
