The US Justice Department is conducting a criminal investigation involving a former DigitalMint employee, whom officials accuse of negotiating ransomware deals that included taking a cut of cryptocurrency payments.
“The investigation evidently involves alleged unauthorized conduct by the employee while employed here.”
DigitalMint Responds
DigitalMint President Marc Grens confirmed via Cointelegraph that “immediately terminated” employee Eric Pasquale[a] is facing scrutiny. The company emphasizes non-participation and full cooperation with law enforcement.
Headquartered in Chicago, DigitalMint facilitates the negotiation and secure payment processes between ransomware victims and hackers.
The probe was initially reported by Bloomberg on [presumably earlier this day] from an anonymous source familiar with the investigation.
“DigitalMint is not a target of the investigation and has been ‘cooperating fully with law enforcement.'”
Grens explained their subsequent actions: “upon discovering the allegations, we acted swiftly—to protect our clients. Trust is earned every day. As soon. as we were able, we began communicating the facts to affected stakeholders.”
DigitalMint identifies itself as specializing in securely handling ransomware incidents and facilitating secure payments to threat actors online. It claims a client base including Fortune 500 firms and registration with the US Financial Crimes Enforcement Network.
Declining Ransomware Payments
Cybersecurity data reflects a notable shift in corporate attitudes towards ransomware demands. Coveware’s February 2025 analysis indicated that only 25% of companies hit with extortion demands in Q4 2024 chose to pay.
This compares with 32% payments in Q3 2024 and 36% in Q2. A significant decline versus Q1 2019 (85% payment rate).
Coveware attributes this decline to improved organizational cyber defenses (“better backup and recovery strategies”) and increasing reluctance to fund criminal activities.
Further contributing factors suggested by Coveware are “increased law enforcement efforts” and “stronger regulatory guidance discouraging ransom payments.”
Separate statistics from Chainalysis reveal an overall decrease too: global ransomware-extorted payments dropped by 35% in 2024 to $815 million from roughly $1.25 billion the prior year.
Can Queries to Ransomware Be Trusted?
The landscape of third-party services aiding ransomware victims is facing scrutiny. James Taliento, CEO of AFTRDRK cyber intelligence, told Bloomberg that ransomware negotiators often lack alignment with client interests.
“A negotiator is not incentivized to drive the price down or to inform the victim of all the facts if the company they work for is profiting off the size of the demand paid. Plain and simple.”
This recent investigation highlights earlier findings of questionable practices by cyber services. A 2019 ProPublica investigation revealed other US firms suspected of paying hackers to retrieve stolen data and charging exorbitant fees for recovery, misrepresenting the process as specialized.
Related News
Subscribe To Our Newsletter
