Cybersecurity pros admit to moonlighting as ransomware scum

A ransomware negotiator and a security incident response manager have admitted to running ransomware attacks.

Readers may recall the October 2025 indictments of Ryan Clifford Goldberg, Kevin Tyler Martin, and an unnamed third co-conspirator, who authorities believe ran a ransomware racket.

On Monday, Goldberg and Martin pleaded guilty to one count of conspiracy to obstruct, delay, or affect commerce or the movement of any article or commodity in commerce by extortion.

According to a Justice Department announcement, the two men and their co-conspirator agreed to pay administrators of the ALPHV BlackCat ransomware 20 percent of any ransom payments they secured, in return for use of the crimeware.

The three then used their infosec skills – all are cybersecurity professionals – to plant the ransomware at five targets and once it was running, tried to extort their victims.

The trio’s ransomware rampage ran from May to November 2023 and saw them infect ...