A massive bounty has been placed on the head of one “high-value” cybercriminal associated with the “LockerGoga” and “MegaCortex” ransomware gangs.
A “LockerGoga” and “MegaCortex” ransomware administrator has been added to the “EU Most Wanted List” following an indictment by the Department of Justice (DoJ).
The alleged prolific cybercriminal, Ukrainian national Volodymyr Viktorovich Tymoshchuk, has been added to the list and includes a bounty of $10 million for any information leading to his arrest.
The Department of Justice released a statement charging Tymoshchuk with various offenses, including fraud, intentional damage to protected computers, and other hacking-related charges.
Europol has him down for computer-related crime and participation in a criminal organization, alongside racketeering and extortion.
This is because Tymoshchuk, known by the monikers “deadforz,” “Boba,” “msfv,” and “farnetwork,” is an alleged administrator of the LockerGoga, MegaCortex, and Nefilim ransomware schemes that robbed more than 250 companies of billions.
Volodymyr Viktorovych Tymoshchuk is wanted by the FBI for being an alleged ransomware administrator of at least three different ransomware variants. From December of 2018, through October of 2021, Tymoshchuk and his co-conspirators allegedly deployed LockerGoga, MegaCortex, and… pic.twitter.com/7j90oDFl8I
undefined FBI Most Wanted (@FBIMostWanted) September 9, 2025
The indictment alleges that Tymoshchuk used the ransomware variants to encrypt worldwide computer networks, including those in the US, France, Germany, the Netherlands, Norway, and Switzerland.
The attacks supposedly caused companies to lose millions of dollars, as they needed to remediate costs, pay ransoms, and repair damage to computer systems.
Europol estimates that the total financial damage caused by the cybercrime group has reached upwards of $18 billion worldwide.
What’s novel about Tymoshchuk and his cybercrime organization’s tactics is that each ransomware file was customized to fit each individual victim.
This inflicts maximum damage on the victim organization and makes it difficult to deal with. Therefore, there is often no other way to mitigate the issue other than paying the ransom.
The cybercrime organization attacked hundreds of companies for years, from 2018 until 2020.
The conversation on this topic is live. Join in the discussion.
Yet, according to the DoJ, many of these attempts were unsuccessful as law enforcement intercepted them before Tymoshchuk and his crew could execute the ransomware.
The FBI is investigating Tymoshchuk and his associates' whereabouts, and Europol continues to “support the international search for the fugitive.”
Your email address will not be published. Required fields are markedmarked