top of page
perceptive_background_267k.jpg

US ransomware negotiators get 4 years in prison over BlackCat attacks

Published:

1 mei 2026 om 07:47:11

Alert date:

1 mei 2026 om 08:00:46

Source:

bleepingcomputer.com

Click to open the original link from this advisory

Ransomware & Malware

Two former employees of cybersecurity incident response companies Sygnia and DigitalMint were sentenced to four years in prison each for their involvement in targeting U.S. companies with BlackCat (ALPHV) ransomware attacks. This represents a significant case of insider threats within the cybersecurity industry, where employees with privileged access to incident response capabilities turned to facilitating ransomware negotiations. The convictions highlight the growing legal consequences for ransomware operators and facilitators in the United States. BlackCat/ALPHV has been one of the most prolific ransomware-as-a-service operations, causing significant damage to organizations worldwide.

Technical details

Two former cybersecurity employees acted as BlackCat (ALPHV) ransomware affiliates between May 2023 and November 2023. They paid a 20% share of ransoms in exchange for access to BlackCat's ransomware and extortion platform. The attackers breached networks of multiple U.S. companies, encrypting servers and demanding ransoms ranging from $300,000 to $10 million. One Tampa medical device company paid $1.27 million after receiving a $10 million ransom demand. The FBI linked BlackCat to over 60 breaches between November 2021 and March 2022, with the operation collecting at least $300 million from more than 1,000 victims through September 2023.

Mitigation steps:

Organizations should implement robust cybersecurity measures, maintain regular backups, conduct security awareness training for employees, and establish incident response procedures. Companies should also verify the trustworthiness of cybersecurity vendors and personnel, and monitor for unusual network activity or unauthorized access attempts.

Affected products:

Related links:

https://www.bleepingcomputer.com/news/security/us-cybersecurity-experts-indicted-for-blackcat-ransomware-attacks/
https://www.bleepingcomputer.com/news/security/us-cybersecurity-experts-plead-guilty-to-blackcat-alphv-ransomware-attacks/
https://legacy.www.documentcloud.org/documents/26212062-digital-mint-sygnia-indictment/
https://www.justice.gov/opa/pr/two-americans-who-attacked-multiple-us-victims-using-alphv-blackcat-ransomware-sentenced
https://www.bleepingcomputer.com/news/security/fbi-blackcat-ransomware-breached-at-least-60-entities-worldwide/
https://www.bleepingcomputer.com/news/security/fbi-alphv-ransomware-raked-in-300-million-from-over-1-000-victims/
https://www.bleepingcomputer.com/news/security/us-charges-another-ransomware-negotiator-linked-to-blackcat-attacks/
https://www.bleepingcomputer.com/news/security/former-ransomware-negotiator-pleads-guilty-to-blackcat-attacks/

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Deze website toont informatie afkomstig van externe bronnen; Perceptive aanvaardt geen verantwoordelijkheid voor de juistheid, volledigheid of actualiteit van deze informatie.

bottom of page