Ransomware negotiator suspected of collaborating with hackers

The U.S. Department of Justice is investigating a case against a former negotiator from DigitalMint, a company specializing in helping victims of ransomware. He is suspected of secretly colluding with hackers to obtain a portion of the cryptocurrency paid by victims.

DigitalMint has fired an employee and says it is cooperating with law enforcement. The company emphasizes that it is not itself the subject of an investigation. However, some law and insurance firms have already advised clients to stop cooperating with it.

Coveware CEO Bill Siegel believes that abuse is possible because of the buyback commission business model, which incentivizes intermediaries to seek a higher payout. AFTRDRK CEO James Taliento expressed a similar view. They are in favor of a flat rate payment.

The problem isn’t new: in 2019, ProPublica reported on companies that paid hackers but disguised it as legitimate services. Some extortionists even offered them “loyalty discounts”.

Meanwhile, the number of companies willing to pay continues to decline. According to Coveware, only 25% of victims have paid a ransom at the end of 2024 – down from 85% in 2019. The average amount also fell to $110,890.