A Ukrainian national accused of participating in one of the most damaging ransomware campaigns in history has been extradited from Ireland to face charges in the United States.
Oleksii Oleksiyovych Lytvynenko, 43, appeared in federal court in Tennessee following his transfer from Irish custody, where he had been held since his arrest in July 2023.
Global Ransomware Campaign Targeted Over 1,000 Victims
According to federal prosecutors, Lytvynenko conspired with others to deploy Conti ransomware against victims worldwide between 2020 and June 2022.
The operation attacked more than 1,000 victims across approximately 47 U.S. states, the District of Columbia, Puerto Rico, and 31 foreign countries.
Court documents allege that the conspirators infiltrated computer networks, encrypted victim data, and demanded ransom payments to restore access while threatening to publicly release stolen information.
The FBI estimates that Conti ransomware attacks generated at least $150 million in ransom payments by January 2022.
The malware particularly targeted critical infrastructure, with 2021 data showing Conti was used against more critical infrastructure victims than any other ransomware variant that year.
In Tennessee alone, the conspirators allegedly extorted over $500,000 in cryptocurrency from two victims and published stolen data from a third.
Irish national police, An Garda Síochána, arrested Lytvynenko in July 2023 at the request of U.S. authorities.
Court filings allege that Lytvynenko controlled data stolen from numerous Conti victims and played a direct role in creating ransom notes deployed on compromised systems.
Prosecutors claim he remained active in cybercrime activities until just days before his arrest in Ireland.
Following extended extradition proceedings, Lytvynenko was transferred to U.S. custody this month. He now faces charges of computer fraud conspiracy and wire fraud conspiracy.
If convicted, he could receive a maximum sentence of five years for computer fraud conspiracy and 20 years for wire fraud conspiracy.
The case represents part of a broader effort to dismantle the Conti ransomware network. In September 2023, federal prosecutors unsealed an indictment charging four other Conti conspirators in Tennessee.
The investigation involves multiple FBI field offices in Nashville, San Diego, and El Paso, along with the U.S. Secret Service.
Justice Department officials emphasized their commitment to pursuing ransomware operators globally.
The department’s Computer Crime and Intellectual Property Section has secured convictions of over 180 cybercriminals since 2020 and obtained court orders returning more than $350 million to victims.
Authorities continue urging organizations to report ransomware incidents promptly to local FBI offices.
Follow us on Google News, LinkedIn, and X to Get Instant Updates and Set GBH as a Preferred Source in Google.
