A Ukrainian man implicated in a series of ransomware attacks has been found guilty in the United States. These cybercrimes affected companies in several countries, including the United States, Canada, and Australia. The damage caused by the attackers’ actions amounts to millions of dollars.
Artem Aleksandrovych Stryzhak, a 35-year-old Ukrainian citizen, was arrested in Barcelona in 2024 and extradited to the United States in the spring. He pleaded guilty to conspiracy to commit computer fraud. His trial is taking place in the Eastern District of New York, where sentencing has been set for May 2026. Stryzhak faces up to ten years in prison.
According to the indictment, Strizhak joined the cybercriminal organization in mid-2021. He then gained access to the malware known as Nefilim and agreed to pay its developers a portion of the ransom. The group targeted large companies with annual revenues exceeding $100 million. Their actions caused not only direct financial losses but also significant damage to the affected organizations’ infrastructure.
Victims included companies in aviation, engineering, chemicals, insurance, energy, and other industries. Nefilim’s operators operated not only in North America but also internationally, using a two-pronged extortion method: first blocking access to systems and then threatening to disclose the stolen data.
The investigation is ongoing, and the U.S. Department of Justice remains interested in the group’s other members. Particular attention is being paid to Volodymyr Tymoshchuk , whom the indictment identifies as one of the organizers of the criminal scheme . An $11 million reward is still available for information leading to his whereabouts.
According to the filing, Tymoshchuk not only supervised Nefilim’s activities, but was also associated with other ransomware programs, such as LockerGoga and MegaCortex .
From late 2018 to the fall of 2021, it was allegedly responsible for attacks on hundreds of organizations in the United States and Europe. The U.S. Department of Justice estimates the total damage suffered exceeds tens of millions of dollars. Among the most high-profile incidents was the attack on the Norwegian company Norsk Hydro in 2019.
Follow us on Google News to receive daily updates on cybersecurity. Contact us if you would like to report news, insights or content for publication.
