Two cybersecurity professionals charged with running a ransomware operation have pleaded guilty to conspiring to obstruct, delay, or affect commerce through extortion.
They will be sentenced on March 12, 2026, the US Department of Justice announced this week.
Ryan Goldberg and Kevin Martin were charged with using the BlackCat ransomware against multiple victims in the US between April 2023 and December 2023. An unnamed co-conspirator was also listed in the court filings.
They were accused of targeting five companies with the ransomware: a Florida medical device company, a Maryland pharmaceutical company, a doctor’s office in California, an engineering company in California, and a drone manufacturer in Virginia.
BlackCat ransomware, also known as ALPHV, is particularly pernicious as it can exploit cloud copies of data intended to protect against ransomware attacks as a way into the enterprise. Those behind it are among the most dangerous ransomware groups active today.
Goldberg and Martin didn’t develop BlackCat, though: they identified victims and targeted them with the ransomware-as-a-service, sharing ransom payouts with the developers.
The two reached plea agreements with the US Attorney for the Southern District of Florida on Dec. 18, 2025, and these were accepted by the US District Court for the Southern District fo Florida on Dec. 29, court records show.
The ransomware attacks resulted in losses exceeding $9.5 million, the parties agreed. However, authorities were only able to trace $324,123.26 in proceeds of the crimes to Goldberg and Martin, according to the plea agreements.
The pair face a maximum sentence of 20 years in prison.
US authorities have been after them and the developers of the BlackCat software they used for years. The wider ransomware group is believed to have targeted more than 1,000 victims around the world, according to a DOJ news release.
The group was defanged in December 2023, when the US Federal Bureau of Investigation (FBI) developed a tool that could decrypt data held to ransom, according ot the DOJ. It estimated this saved hundreds of victims some $99 million in ransomware payments.
No Responses