The US Department of Justice has revealed that a Ukrainian is wanted hacker allegedly having to have a leading role in international cyberattacks Ransomware, with malicious software causing significant financial damage to large companies in Europe and the US.
THE Volodymyr viktorovych tymoshchukUkrainian hackers – known on the Internet as “DeadForz”, “Boba”, “MSFV” and “Farnetwork”, is accused of developing ransomware with malicious software Nefilim, Lockergoga and Megacortx, which have been used in government -based organizations against important organizations around the world Since 2018.
The State Department announced fees total height to $ 10 million For information that will lead to the arrest or conviction of a Ukrainian hacker, with a separate fee of up to $ 1 million for information on other leadership members of the teams using Ransomware.
According to the indictment, filed in the eastern district of New York, Tymoshchuk and allegedly his associates are believed to be believed to they blackmailed more than 250 companies in the US and other countries around the worldcausing tens of millions of dollars. The victims have suffered not only the loss of data and the suspension of their business activities, but also high costs of mitigation and rehabilitation.
Among the goals were companies blue-chiphealthcare institutions and large industrial companies. Prosecutors described in detail how the group attacked attacks on companies with Annual Revenue of Over $ 100 Millionsometimes searching for specific companies in the United States, Canada or Australia.
“Volodymyr Tymoshchuk has repeatedly used ransomware attacks to target companies in the United States and around the world in efforts to blackmail victims. Today’s announcement must act as a warning: cybercrime may believe they are acting unpunished when they make harmful cyberattacksbut your law enforcement authorities are following and will make you responsible, “said Christopher Raia, his deputy director FBI.
“The FBI, along with our associates in the law enforcement, will continue to scans The world to bring about justice to any person trying to use the anonymity of the internet to commit a crime. “
The announcement for the indictment was made in collaboration with the US Department of Justice, FBI, Europol and authorities from Germany, France and Norway. The Ministry of Justice has announced that it opened the indictment against Timoscuk, who is accused of seven offenses for involvement in ransomware attacks. 29 -year -old Ukrainian escapes arrest.
Volodymyr Viktorovych Tymoshchuk is wanted by the FBI for being an alleged ransomware administrator of at least three different ransomware variants. From December of 2018, through October of 2021, Tymoshchuk and his co-conspirators allegedly deployed LockerGoga, MegaCortex, and… pic.twitter.com/7j90oDFl8I
— FBI Most Wanted (@FBIMostWanted) September 9, 2025
The action of Tymoshchuk and his team
Tymoshchuk is considered a key person behind international cyberattacks. His team used three known ransomware variants:
- Nephilim: Appeared in 2020. He used double extortion, that is, encrypted data and threatened to make public. It was targeting large companies in areas such as energy, constructions and transport, demanding ransom of millions.
- Loose: It became known by the attack on Norwegian company Norsk Hydro in 2019, causing over $ 70 million damage.
- MegaCortex: It hit large businesses, mainly in Europe and the US. Victims were IT companies and industrial units, with a serious impact on their operation.
Their tactics were always the same: they were entering networkslocked critical data and demanded large sums as ransomthreatening to leak sensitive information. Even if the companies were paid, it took months to get back completely, at high financial costs.
The effects
The attacks were not limited in a few occasions. In Europe, they were hit large industriesenergy companies and municipal services. In the US, dozens of businesses have suffered serious damage, at a cost of hundreds of millions of dollars. Authorities believe that Timoscuk had leading role In these attacks, but it is not known how many people from his team continue their action.
US announcement on fees
US Department of Foreign Affairs announced that it offers up to $ 10 million for information that will lead to the arrest or conviction of Timoscouk in the context of the global strategy against international crime and especially the ransomware. It also offers up to $ 1 million for information about his other key associates.
According to the indictment in New York, From December 2018 to October 2021Timoscouk and his team have launched attacks on hundreds of companies in the US and other countries, encrying their networks and demanding ransom. The attacks caused huge financial problems for the victims.
The remuneration announcement was coordinated with the FBI, the Ministry of Justice, the Europol and the beginnings of Germany, France and Norway. Timoscuk remains wanted. Those in the US can contact a local fbi office, and outside the US can go to the nearest US Embassy.