When a person or company is hit with a ransomware attack, it’s common to hire a third-party negotiator who specializes in handling the back-and-forth with the cybercriminals. In an ideal scenario, the negotiator will fight as hard as they can for their client and reduce the financial damages while keeping additional data leaks to a minimum.

In a staggering new criminal case, it turns out the negotiator was in cahoots with the hackers. On Monday, the US Department of Justice revealed that a Florida man named Angelo Martino, who had been working as a professional ransomware negotiator, has pleaded guilty to conspiracy to commit ransomware attacks against at least five American companies.

For the uninitiated, ransomware is a type of cyberattack that locks down the victims’ access to their data or software. A successful attack can incapacitate critical businesses like hospitals and airlines, or clear individual people out of their funds.

In Martino’s case, the DoJ asserts he was purposefully providing attackers with information like insurance policy limits and negotiating tactics behind his clients’ backs.

On top of betraying his clients’ trust in negotiations, the DoJ argues that Martino conspired with two additional cybersecurity experts, Ryan Goldberg and Kevin Martin, to deploy their own ransomware attacks between April and November of 2023. One victim allegedly paid out about $1.2 million in Bitcoin, which was split three ways between the gang.

All in all, feds have seized $10 million in assets from Martino alone, including cryptocurrency, a food truck, and even a luxury fishing boat. All in all, he faces a maximum combined sentence of 40 years in prison for multiple guilty pleas.

More on cyber crimes: AI Tools Are Supercharging Hackers