Ukraine police confirm arrest of man aiding Conti and LockBit

Ukrainian police have identified and arrested a 28-year-old man from Kyiv who’s suspected of aiding notorious Russian ransomware groups Conti and LockBit to carry out cyberattacks.

The Ukrainian Cyber police and investigators of the National Police discovered that the man specialized in software for masking computer viruses under the guise of safe files.

Russian hackers then used the disguised malware to infect computer networks and demand ransoms for decrypting the data.

“Thanks to his programming skills, the person involved was able to hide malicious software from the most popular antiviruses,” Ukrainian police described the man, who was born in Kharkiv region.

The Conti ransomware gang rewarded the hacker's services with cryptocurrency. In 2021, Conti used his malware to incapacitate computer networks in the Netherlands and Belgium.

Cybernews already reported that the Dutch National Cyber Security Center alerted the authorities about the perpetrator before the arrest.

The Ukrainian police claim that the defendant also aided LockBit. Bot ransomware gangs are some of the largest globally – they’re financially motivated and specialize in attacks against large enterprises.

During the raid, police seized computer equipment, mobile phones, and draft records. The investigation is ongoing, and the suspect could face up to 15 years in prison for unauthorized interference with computer systems. Additional charges are possible.


The arrest comes after law enforcement agencies disrupted the LockBit and Conti cartels at every level. In February, the FBI, Europol, and other authorities seized LockBit’s infrastructure, arrested several affiliates, unveiled the leadership, and recovered 7,000 decryption keys. Conti Group has been proclaimed dead.