"Martin had apparently seen how this system worked in practice through his job, and he approached a pair of other people to help him make some easy cash. One of these people was allegedly Ryan Goldberg of Watkinsville, Georgia, who worked as an incident manager at the cybersecurity firm Sygnia. Goldberg told the FBI that Martin had recruited him to "try and ransom some companies.""
"In May 2023, the group attacked its first target, a medical company based in Tampa, Florida. The team got the BlackCat software onto the company's network, where it encrypted corporate data, and demanded a $10 million ransom for the decryption key. Eventually, the company decided to pay up-though only $1.27 million. The money was paid out in crypto, with a percentage going to the BlackCat devs and the rest split between Martin, Goldberg, and a third, as-yet-unnamed conspirator."
"Ransom requests varied widely: $5 million, or $1 million, or even a mere $300,000. But no one else paid. By early 2025, an FBI investigation had ramped up, and the Bureau searched Martin's property in April. Once that happened, Goldberg said that he received a call from the third member of their team, who was "freaking out" about the raid on Martin."
Martin sought to become an affiliate of the BlackCat ransomware group, selling modern ransomware code and dark-web infrastructure in exchange for a cut of profits. Martin recruited two others, including Ryan Goldberg, an incident manager at Sygnia, to carry out attacks. In May 2023 the group hit a Tampa medical company, encrypted data, demanded $10 million, and received $1.27 million in crypto split with BlackCat developers. The group later targeted a Maryland pharma firm, a doctor's office, a California engineering firm, and a Virginia drone manufacturer with ransom demands. Most victims refused to pay. An FBI investigation escalated, culminating in an April search of Martin's property and nervous reactions from co-conspirators.
Read at Ars Technica
Unable to calculate read time
Collection
[
|
...
]