Two Former Cybersecurity Employees Plead Guilty to Creating Alphv Ransomware

Published on January 05, 2026 | Translated from Spanish
Representative image of green binary code on a black background, with a red ransomware padlock superimposed, symbolizing cybercrime.

Two Former Cybersecurity Employees Plead Guilty to Creating Alphv Ransomware

The U.S. Department of Justice confirmed that two young men, aged 20 and 22, admitted to being guilty of developing and using the ransomware known as Alphv or BlackCat. The peculiar aspect of the case is that both worked for a firm in Florida that offered digital protection services while operating this malicious software. This fact underscores the dual risk of specialized technical knowledge. 🕵️‍♂️

The Criminal Business Model of Alphv/BlackCat

This group did not operate in a traditional way. They worked under the Ransomware as a Service (RaaS) scheme, where the creators rent the malicious tool to other criminals, called affiliates. In return, they received a percentage of the ransom that victims paid to recover their encrypted data. This model allowed the attack to spread globally.

Operation Details:
  • Function as a service: The accused rented the ransomware platform to third parties.
  • Role of affiliates: Other criminals executed the attacks using the tool.
  • Profit structure: The creators took a cut from each successful ransom.
Authorities state that the accused actively participated in designing, improving, and maintaining the infrastructure of this attack.

Judicial Repercussions for Those Involved

By pleading guilty to conspiring to commit computer fraud and extortion, each faces a maximum penalty of five years in prison per charge. The final sentence will be determined at a future hearing. This outcome is part of a broader campaign to dismantle cybercrime networks, even when operators use tools to hide their identity on the internet.

Key Elements of the Legal Ruling:
  • Admitted charges: Conspiracy to commit computer fraud and extortion.
  • Potential penalty: Up to five years in prison per offense.
  • Broader context: It is a blow against the RaaS model.

Final Reflection on the Case

This case exemplifies how individuals with advanced technical skills can divert their knowledge to illegal activities, even from within the industry that supposedly combats these threats. It serves as a powerful reminder that digital security is not just a matter of software, but also of the ethics of those who handle it. The next time you update your antivirus, consider the dual power that code holds. 🔐