US EditionFeds offer $11M reward for arrest of Ukrainian ransomware hacker
Volodymyr Tymoshchuk allegedly led ransomware attacks on over 250 U.S. companies and hundreds worldwide, causing millions in damages, with up to $11 million offered for information on his arrest.
- On Tuesday, the Department of Justice unsealed an indictment in the Eastern District of New York charging Volodymyr Viktorovych Tymoshchuk with seven counts related to administering LockerGoga, MegaCortex, and Nefilim ransomware operations.
- Prosecutors say the activity involved Tymoshchuk's schemes extorting more than 250 companies in the United States and hundreds more worldwide in recent years, targeting networks across multiple countries.
- According to the indictment, Tymoshchuk used Nefilim, LockerGoga, and MegaCortex to encrypt hundreds of company networks, provided access to affiliates including co-defendant Artem Aleksandrovych Stryzhak, and law enforcement alerts sometimes prevented ransomware deployment, causing millions in losses to victim companies in the United States and abroad.
- The move was made in coordination with the Department of Justice, FBI, Europol, Germany, France, and Norway; the U.S. Department of State offers up to $11 million, with Tymoshchuk remaining a fugitive.
- As of 2025, nearly 63 percent of businesses faced ransomware, Group-IB linked Tymoshchuk to gangs, and officials reminded that defendants are presumed innocent until proven guilty.
21 Articles
21 Articles
DOJ Unseals Charges Against Hacker Behind Ransomware Attacks on 250 US Companies
The Justice Department on Sept. 9 unsealed a 2024 indictment of Ukrainian hacker Volodymyr Viktorovych Tymoshchuk for his alleged role in exploiting hundreds of companies via ransomware schemes. Tymoshchuk is alleged to be the administrator of the LockerGoga, MegaCortex, and Nefilim ransomware schemes that affected more than 250 U.S. companies and hundreds more in other countries, causing millions in damage. “Tymoshchuk is a serial ransomware cr…
U.S. indicts Ukrainian national for hundreds of ransomware attacks using multiple variants
The Department of Justice unsealed an indictment against a Ukrainian national alleged to be central to a ransomware campaign affecting hundreds of companies worldwide. Volodymyr Viktorovych Tymoshchuk, known online as “deadforz,” “Boba,” “msfv,” and “farnetwork,” is accused of developing and deploying ransomware variants Nefilim, LockerGoga, and MegaCortex, all of which have been used in attacks on prominent organizations in the United States, …
DOJ Charges Ukrainian National for Over 250 Ransomware Attacks
The Department of Justice announced charges on Tuesday against a Ukrainian national who the government alleges is responsible for hundreds of ransomware attacks that targeted both U.S. and international companies. Volodymyr Tymoshchuk, also known as "deadforz," "Boba," "msfv," and "farnetwork," has been charged by the DOJ for his role in schemes that extorted more than 250 companies across the United States and hundreds more around the world. Ty…
Coverage Details
Bias Distribution
- 55% of the sources lean Right
Factuality
To view factuality data please Upgrade to Premium
