After being extradited from Ireland to the United States, Oleksii Oleksiyovych Lytvynenko pleaded guilty in the US and admitted to a wire fraud conspiracy tied to the Conti ransomware group, one of the most notorious in the world. US authorities say the Russia-based operation targeted victims across dozens of countries and generated hundreds of millions of dollars in ransom payments.
-
A Ukrainian national accused of working with the Conti ransomware gang has pleaded guilty in the United States.
-
Prosecutors say he helped deploy ransomware, steal data and extort victims across multiple countries.
-
Conti was one of the most prolific ransomware operations, with attacks linked to at least $150 million in ransom payments.
-
The defendant is scheduled to be sentenced in September and could face decades behind bars.
The 44-year-old Ukrainian national was arrested in July 2023. He worked with others to distribute Conti ransomware to steal victims’ data and extort them.
The Conti ransomware gang, also known as Wizard Spider, was a notorious ransomware extortion group based in Russia that operated from December 2019 until May 2022, when internal chats were leaked, and pressure from law enforcement authorities increased.
The gang extorted money from numerous organizations using a ransomware-as-a-service (RaaS) model. Universal Health Services (UHS), one of the largest hospital networks in the United States, is one of the best-known victims of the Conti Group. The ransomware attack cost the healthcare institution €67 million.
The US Department of Justice alleges that Conti attacked computers and networks in 47 states and 31 foreign countries. The FBI estimates that Conti ransomware attacks resulted in at least $150 million in ransom payments.
According to court documents, Lytvynenko hacked into victims’ computers and networks, encrypted their data using malicious software, and demanded a ransom to restore the victims’ access to their files. If victims refused to pay, he would disclose the stolen information.
The suspect has admitted to possessing data from 8 victims in the United States and 4 victims from overseas, which had been stolen using Conti ransomware. In addition, Lytvynenko pleaded guilty to joining a team tasked with working on a “loader,” a type of malware used to install programs necessary to carry out malicious attacks.
Last week, Lytvynenko pleaded guilty to conspiracy to commit wire fraud. On September 10th, 2026, he is scheduled to be sentenced. He faces a prison sentence of up to 20 years.
“Lytvynenko’s guilty plea is a significant step toward holding cybercriminals accountable for the damage they inflict on victims worldwide. This case demonstrates that the FBI and our partners will relentlessly pursue those responsible for cybercrimes, regardless of where they operate, and bring them to justice,” Brett Leatherman, Assistant Director of the FBI’s Cyber Division, said in a statement.
Unlock more exclusive Cybernews content on YouTube.
Your email address will not be published. Required fields are markedmarked