Ukrainian Extradited to the US Over Alleged Role in Conti Ransomware

US prosecutors charge a Ukrainian national with helping deploy Conti ransomware that extorted hundreds of thousands from Americans.

Extradition follows lengthy international pursuit

Ukrainian citizen Oleksii Lytvynenko, 43, was extradited from Ireland to the United States to face charges linked to the Conti ransomware operation, one of the most notorious cybercrime syndicates of recent years.

The extradition follows a coordinated effort between US and Irish authorities after Lytvynenko fled Ukraine in 2022 and settled in Cork.

The US Department of Justice (DoJ) accuses Lytvynenko of conspiring with others to compromise victims’ systems, encrypt sensitive data and demand payments to restore access. Prosecutors allege the group’s attacks led to more than $500,000 in direct losses to US entities and contributed to a global wave of Conti-related extortion campaigns.

Alleged role in managing stolen data and ransom notes

Court filings suggest Lytvynenko was responsible for handling stolen information and managing ransom communications during the attacks. Investigators say the Ukrainian remained active in cybercrime until his arrest by Irish authorities in 2023.

The DoJ described the broader conspiracy as an enterprise that attempted to extort around $150 million in ransom payments from victims across nearly every US state and dozens of countries. Officials emphasized that such operations represent an ongoing threat to both public and private sectors worldwide.

Global cooperation against ransomware actors

Acting Assistant Attorney General Matthew R. Galeotti highlighted the case as evidence of the US government’s determination to hold ransomware operators accountable, regardless of their location. The extradition was made possible through collaboration between the FBI, the US Secret Service and Irish law enforcement.

The FBI Cyber Division’s Brett Leatherman said the agency remains committed to tracking ransomware networks operating across borders and urged organizations to report incidents promptly.

If convicted, Lytvynenko faces up to 25 years in prison on charges of computer and wire fraud conspiracy. Four Conti associates were previously indicted in a related case in Tennessee, signaling a continued crackdown on the remnants of the defunct ransomware group.

Protect yourself before ransomware strikes

Although ransomware actors typically target large organizations, stray ransomware may also end up on personal computers. In other words, everyday users can also fall victim to this ruthless attack, quickly losing precious photos, documents, or even access to their devices.

Bitdefender Ultimate Security delivers real-time ransomware protection, advanced threat prevention and identity theft monitoring across all your devices, giving you the upper hand against cybercriminals.