A U.S. court has sentenced a former employee of a cybersecurity firm to seven years in prison for conspiring with cybercriminals to conduct ransomware attacks and defraud victims. The defendant, a 41-year-old man from Florida, was found guilty of collaborating with members of the BlackCat/ALPHV ransomware group to extort multiple victims and distribute the malware to additional targets between April and November 2023. The verdict was announced by the U.S. Department of Justice’s Office of Public Affairs, which released the ruling publicly last Thursday. According to court documents, the accused worked at DigitalMint, an incident response company, where his role was initially intended to assist organizations during crises. However, he allegedly betrayed his employers by leaking confidential information, such as negotiation positions and strategies, to cybercriminals. This data reportedly enabled the attackers to extract over one million U.S. dollars from victims through ransom demands. The defendant accepted payments from the BlackCat group in exchange for this sensitive information, further facilitating their operations. The case unfolded after the accused began working with two other individuals, a 36-year-old Texan and a 41-year-old from Georgia, to spread the BlackCat ransomware to more victims. Between April and November 2023, the three allegedly coordinated attacks that resulted in the extortion of approximately 1.2 million U.S. dollars in cryptocurrency. They divided the proceeds among themselves and laundered the funds through various means. Law enforcement agencies later recovered assets worth around 10 million U.S. dollars, including digital currencies, vehicles, a food truck, and a luxury fishing boat. In April, the defendant pleaded guilty to the charges. By May, the two co-conspirators had already received sentences of four years each. The investigation revealed that the accused had not only taken a share of the ransom money but was also directly involved in orchestrating the attacks. During the initial phase of the case, prosecutors charged two men in November, revealing that the accused had been secretly profiting from the criminal activities while posing as a legitimate cybersecurity professional. The sentencing follows a broader effort by federal authorities to dismantle organized cybercrime networks such as BlackCat/ALPHV. These groups have targeted businesses, hospitals, and government entities worldwide, often demanding large sums in cryptocurrency. The conviction underscores the growing focus on holding both individual actors and corporate entities accountable for enabling or participating in cyberattacks. An upcoming hearing scheduled for September 17 will determine the amount of damages to be awarded to the affected parties. The case highlights the increasing complexity of cybercrime investigations, where individuals with technical expertise can exploit their positions to facilitate illegal activities. It also reflects the legal system's commitment to prosecuting those who misuse their skills for financial gain, even within seemingly reputable organizations.
★
Manteniamo le notizie oneste.
ObjectiveNews è finanziato dai lettori e senza pubblicità: ti mostriamo il bias invece di nasconderlo. Sostieni il giornalismo indipendente per 5 €/mese.
Diventa sostenitore