The US Ministry of Justice has launched an investigation into a former ransomware negotiator, accused of concluding agreements with hackers to reduce the crypto used to pay the extorters.
In a statement in Cointelegraph, the president of DigitalMint, Marc Grenns, confirmed that one of the former employees of the company is the target of an in progress criminal investigation and was “immediately dismissed” when the allegations were revealed.
“The investigation obviously involves alleged conduct not authorized by the employee when he was employed here.”
The company based in Chicago attends the victims to negotiations and ransomware payments to the pirates. The story was reported for the first time by Bloomberg on Thursday, quoting a person familiar with the issue.
DigitalMint is not in the shooting line
GRENS also said: “Digitalmint is not a target of the investigation and” cooperated fully with the police “.
He added that once discovered, DigitalMint “acted quickly to protect our customers. Confidence is won every day. As soon as we have been able, we started to communicate the facts to affected stakeholders. ”
Digitalmint said on his website that he specializes in the solid management of ransomware incidents and the facilitation of secure payments to pirates.
Its customers include Fortune 500 companies and is registered with the US Financial Crimes Sunter Network, said the company.
Ransomware
Less companies make the requests of criminals, with a February report from the Cyber-Incidents Response Company, Coveware, noting that only 25% of companies have reached extortion requests in the last quarter of 2024 paid the ransom.
In the third quarter of 2024, 32% of companies that received paid ransom requests, compared to 36% during the previous quarter, according to Coveware data. This was considerably decreasing compared to the first quarter of 2019, when 85% paid the ransom when he asked.
Coveware said the decline “suggests that more organizations improve their cybersecurity defenses, implementing better backup and recovery strategies and refuse to finance cybercriminals”.
However, the cabinet also said that the decline could be due to “increased law implementation efforts” and “stronger regulatory orientations discouraging ransom payments”.
Meanwhile, in the last salvo against the ransomware gangs, the American treasure sanctioned the Aeza group based in Russia on Tuesday, as well as its best brass and a cryptographic portfolio connected to the service, for having pretended to be hosted by ransomware and information thieves.
A distinct report from the analytical chain of blockchain analysis suppliers on February 5 also revealed that payments were lighting up by ransomware attacks decreased by $ 35% to $ 815 million in 2024, compared to $ 1.25 billion in 2023.
Ransomware negotiators are not always useful
James Taliento, Managing Director of the Cyber-Represhing Service Company, AFTRDRK, told Bloomberg that ransomware negotiators do not always act in the best interests of their customers.
In relation: Crypto losses reached $ 2.5 billion in the first half of 2025, but pirates fell in the second quarter: Certik
“A negotiator is not encouraged to reduce the price or to inform the victim of all the facts if the company for which they work benefits from the size of the demand paid. Plaine and simple,” he said
Meanwhile, a 2019 report from the Propebrica investigation revealed that two other American companies paid hackers to recover stolen data, then invoice customers under the pretext of using specialized recovery methods.
Review: Should we prohibit ransomware payments? It’s an attractive but dangerous idea
