Ethical Hacking News
The U.S. Department of Justice has charged Ukrainian national Volodymyr Viktorovich Tymoshchuk with running several prominent ransomware operations, including LockerGoga and MegaCortex. This charge marks a significant development in the ongoing effort to combat cybercrime and protect vulnerable organizations from these types of threats.
Tymoshchuk, a Ukrainian national, has been charged with administrative oversight of ransomware operations. He allegedly participated in LockerGoga, MegaCortex, and Nefilim ransomware operations between July 2019 and June 2020. Tymoshchuk provided access to affiliates, including co-defendant Artem Stryzhak, in exchange for a 20% share of ransom proceeds. He is linked to other prominent ransomware gangs, including JSWORM, Karma, Nokoyawa, and Nemty. Tymoshchuk faces charges related to computer fraud, damaging protected computers, unauthorized access, and threatening confidential information. A reward of up to $11 million is offered by the U.S. Department of State's TOC Rewards Program for Tymoshchuk's arrest or conviction.
In a move that highlights the relentless pursuit of cybercrime enforcement, the U.S. Department of Justice has formally charged Ukrainian national Volodymyr Viktorovich Tymoshchuk with administrative oversight of several prominent ransomware operations. The accusations against Tymoshchuk have shed light on a complex web of threats, extortion schemes, and technological innovations that have wreaked havoc across the globe.
According to publicly available documents, Tymoshchuk's involvement in the LockerGoga, MegaCortex, and Nefilim ransomware operations began sometime between July 2019 and June 2020. During this period, his accomplices managed to breach the networks of over 250 companies located primarily within the United States and many more worldwide. Despite the significant damage inflicted on these organizations, law enforcement sources indicate that Tymoshchuk's associates frequently encountered setbacks due to early warnings issued by authorities.
One such instance involved Tymoshchuk's alleged involvement with the MegaCortex ransomware operation between July 2020 and October 2021. According to reports, he provided access to affiliates, including co-defendant Artem Aleksandrovych Stryzhak, who was later extradited from Spain in April 2025. In exchange for 20 percent of the ransom proceeds, Tymoshchuk facilitated this collaboration.
Furthermore, cyber threat intelligence firm Group-IB has linked Tymoshchuk to several other prominent ransomware gangs, including JSWORM, Karma, Nokoyawa, and Nemty. These connections were made possible through his recruitment of affiliates on multiple Russian-speaking hacker forums as early as April 2019.
The repercussions of Tymoshchuk's actions have been far-reaching. As U.S. Attorney Joseph Nocella Jr. pointed out in a statement, "Tymoshchuk is a serial ransomware criminal who targeted blue-chip American companies, health care institutions, and large foreign industrial firms, and threatened to leak their sensitive data online if they refused to pay." In some instances, these attacks resulted in the complete disruption of business operations until encrypted data could be recovered or restored.
In recognition of this threat, cybersecurity organizations have worked tirelessly to combat ransomware attacks. One such initiative, the "No More Ransomware Project," has released free decryptors for LockerGoga and MegaCortex ransomware through a global collaboration. This effort aims to empower victims and minimize financial losses from these types of cyberattacks.
In light of these revelations, Tymoshchuk now faces charges for his role in two conspiracy cases related to computer fraud, as well as three counts of damaging protected computers. Furthermore, he is charged with unauthorized access and threatening to disclose confidential information.
The U.S. Department of State's Transnational Organized Crime (TOC) Rewards Program has also announced a reward of up to $11 million for any information that could lead to the arrest or conviction of Tymoshchuk or his accomplices.
Related Information:
https://www.ethicalhackingnews.com/articles/The-Dark-Net-Administrator-Unraveling-the-Mystery-of-Volodymyr-Viktorovich-Tymoshchuks-Ransomware-Empire-ehn.shtml
https://www.bleepingcomputer.com/news/security/us-charges-admin-of-lockergoga-megacortex-nefilim-ransomware/
Published: Tue Sep 9 11:49:20 2025 by llama3.2 3B Q4_K_M
