[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f3dEcak7V2P5F--T65UDVIl8mrUr5TrJ3UUFOMEmtMlA":3},{"article":4,"iocs":46},{"id":5,"title":6,"slug":7,"summary":8,"ai_summary":9,"brief":10,"full_text":11,"url":12,"image_url":13,"published_at":14,"ingested_at":15,"relevance_score":16,"entities":17,"category_id":23,"category":24,"article_tags":28},"75258ceb-8f01-4f37-8da2-1f179225df9f","Extradited Ukrainian Man Admits Role in Conti Ransomware Attacks","extradited-ukrainian-man-admits-role-in-conti-ransomware-attacks-ab7082","Ukrainian national Oleksii Lytvynenko has pleaded guilty in the US to wire fraud conspiracy linked to Conti ransomware, which hit more than 1,000 victims and generated at least $150 million in ransom payments.","Oleksii Lytvynenko, a Ukrainian national extradited from Ireland, has pleaded guilty in the US to conspiracy to commit wire fraud. He was involved in the Conti ransomware operation, which targeted over 1,000 victims between 2020 and 2022, extorting at least $150 million. Lytvynenko admitted to stealing data from eight US victims and four international victims as part of his role.","Ukrainian national pleads guilty in US to wire fraud conspiracy linked to Conti ransomware.","Cyber Crime Cyber Attacks SecurityExtradited Ukrainian Man Admits Role in Conti Ransomware Attacks Ukrainian national Oleksii Lytvynenko has pleaded guilty in the US to wire fraud conspiracy linked to Conti ransomware, which hit more than 1,000 victims and generated at least $150 million in ransom payments. byWaqasJune 13, 20262 minute read A Ukrainian man extradited from Ireland has pleaded guilty in the United States for his role in the Conti ransomware operation, one of the most damaging cybercrime groups active during the pandemic years. Oleksii Oleksiyovych Lytvynenko, 44, admitted to conspiracy to commit wire fraud after prosecutors said he worked with others involved in deploying Conti ransomware against victims in the US and overseas. His guilty plea follows his extradition from Ireland, as reported by Hackread.com in October 2025. According to the US Department of Justice, Conti was used between 2020 and 2022 to attack more than 1,000 computers and networks. The FBI estimates that by January 2022, victims had paid at least $150 million in ransom demands linked to the malware. Prosecutors said the group used a familiar ransomware model, including compromising victim networks, encrypting files, stealing data, and making ransom demands. Those demands often included threats to publish stolen data if victims refused to pay. Conti ransomware gang’s ransom note In its press release, the Justice Department said Conti ransomware attacks had targeted victims in 47 US states, the District of Columbia, Puerto Rico, and 31 foreign countries. These targets included businesses and organizations of different sizes, with prosecutors saying the group caused millions of dollars in damage. Lytvynenko admitted that he joined the Conti conspiracy in September 2021. As part of his plea, he acknowledged having data stolen from eight US victims and four victims outside the United States. Court filings also describe his work with a Conti member who directed him to code a “loader.” In malware operations, a loader is commonly used to install or run other malicious tools needed for further attacks. Lytvynenko is scheduled to be sentenced on September 10, 2026. He faces a maximum penalty of 20 years in prison, although the final sentence will be decided by a federal judge after reviewing sentencing guidelines and other legal factors. The action is part of Operation Riptide, an FBI campaign targeting cybercrime actors, infrastructure, and financial networks behind online fraud and ransomware. According to the FBI, Americans reported more than $20 billion in cybercrime losses last year, a 26 percent increase from the prior year. The case adds another guilty plea to the US government’s effort to identify and prosecute people linked to ransomware gangs. In December 2025, two Americans, Ryan Goldberg, 40, of Georgia, and Kevin Martin, 36, of Texas, pleaded guilty in a Florida federal court to carrying out a series of extortion attacks for the ALPHV, also known as BlackCat, ransomware gang during 2023. That same month, another Ukrainian national, Artem Aleksandrovych Stryzhak, 35, pleaded guilty to deploying Nefilim ransomware as part of a global extortion scheme that targeted companies in multiple countries. Stryzhak had been extradited from Barcelona, Spain, to the United States. Waqas I am a UK-based cybersecurity journalist with a passion for covering the latest happenings in cybersecurity and tech world. I am also into gaming, reading and investigative journalism. View Posts ContiCyber AttackCyber CrimeCybersecuritydata breachIrelandMalwareRansomwareUkraine Leave a Reply Cancel reply View Comments (0) Related Posts Read More Cyber Crime Jail Time: ‘PlugWalkJoe’ Gets 5 Years for Twitter Hack and Sim Swapping The mastermind behind the Twitter hack, Graham Ivan Clark, is already serving a three-year sentence. A New York… byWaqas Security Technology Critical Vulnerability Found in Samsung’s Tizen-based Smart TV Smart TV isn’t that “Smart” if you ask us. The whole idea behind a smart TV is to… byJahanzaib Hassan Security Leaks Cloudflare suffered data leak; exposing 3 million IP addresses: Ukraine The National Security and Defense Council of Ukraine claims the data leak has... bySudais Asif Security Cyber Attacks How I Discovered My First Vulnerability I have read a couple of books recently about different vulnerabilities in order to be able to better… byDavid Balaban","https:\u002F\u002Fhackread.com\u002Fextradited-ukrainian-admits-conti-ransomware-attacks\u002F","https:\u002F\u002Fhackread.com\u002Fwp-content\u002Fuploads\u002F2026\u002F06\u002Fextradited-ukrainian-admits-conti-ransomware-attacks.jpg","2026-06-13T14:31:38+00:00","2026-06-13T16:00:10.358186+00:00",8,[18,21],{"name":19,"type":20},"Conti","threat_actor",{"name":22,"type":20},"ALPHV","7d8b5ab8-ea0b-4ced-ae97-ec251b86993a",{"id":23,"icon":25,"name":26,"slug":27},null,"Ransomware","ransomware",[29,34,36,41],{"category":30},{"id":31,"icon":25,"name":32,"slug":33},"6cbdd207-aaa1-4176-9534-e156b125e917","Nation-state","nation-state",{"category":35},{"id":23,"icon":25,"name":26,"slug":27},{"category":37},{"id":38,"icon":25,"name":39,"slug":40},"89f78b1c-3503-45a1-9fc7-e23d2ce1c6d5","Malware","malware",{"category":42},{"id":43,"icon":25,"name":44,"slug":45},"e7b231c8-5f79-4465-8d38-1ef13aea5a14","Threat Intelligence","threat-intelligence",[]]