Aged 41 and residing in Florida, a former ransomware negotiator pleaded guilty to collaborating with the infamous group BlackCator otherwise known as ALPHV. Employed by a cybersecurity company, he abused his position to help cybercriminals extort American companies in 2023.
A betrayal of customers and the employer
The individual’s role was to help ransomware victims negotiate ransoms. However, court documents reveal that he played on both counts.
For at least five victims, he passed confidential information to BlackCat attackers, without the knowledge of his clients or his employer. This information included the victims’ insurance policy limits and their internal negotiation strategies.
In exchange for this information, which allowed the attackers to maximize their profits, the man received financial compensation.
Its own ransomware attacks as a bonus
The individual admitted to having acted with two other professionals in the sector, who have already pleaded guilty at the end of 2025. Together, they behaved like real BlackCat affiliates between April and November 2023.
This evil trio carried out their own ransomware attacks, demanding payments and threatening to release the stolen data. In one case, they managed to extort around $1.2 million in bitcoin from a victim, before splitting the winnings and laundering them through various means.
In the United States, the man faces a maximum sentence of 20 years in prison. Authorities seized $10 million worth of assets belonging to him. The sentence is expected on July 9. His accomplices risk similar sentences.
