A Ukrainian nationwide pleaded responsible on Friday to conducting Nefilim ransomware assaults that focused high-revenue companies throughout the USA and different international locations.
The defendant, 35-year-old Artem Aleksandrovych Stryzhak, was arrested in Spain in June 2024 and extradited to the U.S. on April 30, 2025.
Stryzhak has admitted to laptop fraud conspiracy costs introduced by U.S. prosecutors in reference to ransomware assaults focusing on companies in the USA, Norway, France, Switzerland, Germany, and the Netherlands.
If discovered responsible, Stryzhak faces as much as 10 years in jail, with sentencing scheduled for Could 6, 2026.
In keeping with court docket paperwork, Stryzhak allegedly obtained entry to the Nefilim ransomware code in June 2021 in alternate for 20% of the ransom funds collected. The ransomware operation created personalized malware for every sufferer together with decryption keys and ransom calls for.
After becoming a member of the Nefilim operation, Stryzhak particularly focused giant firms in the USA, Canada, and Australia with annual revenues exceeding $100 million, utilizing custom-tailored malware for every sufferer together with decryption keys and ransom calls for. Nonetheless, one Nefilim administrator later inspired Stryzhak to give attention to firms producing greater than $200 million yearly.
Stryzhak and his accomplices researched potential targets utilizing on-line platforms (together with Zoominfo) to collect details about an organization’s income, dimension, and speak to particulars.
To maximise strain on victims, the group additionally threatened to leak knowledge stolen throughout assaults on “Company Leaks” web sites managed by the Nefilim admins except ransom calls for have been met.
The U.S. State Division additionally provides as much as $11 million for data resulting in the arrest of Stryzhak’s alleged co-conspirator, Ukrainian nationwide Volodymyr Tymoshchuk, who stays at giant.
Tymoshchuk is on the most-wanted lists of each the FBI and the European Union, and in September was charged by the U.S. Justice Division together with his position because the administrator of the LockerGoga, MegaCortex, and Nefilim ransomware operations.
Tymoshchuk was allegedly concerned in ransomware assaults that breached lots of of firms worldwide, leading to hundreds of thousands of {dollars} in damages between July 2020 and October 2021.
Damaged IAM is not simply an IT drawback – the affect ripples throughout your complete enterprise.
This sensible information covers why conventional IAM practices fail to maintain up with fashionable calls for, examples of what “good” IAM appears like, and a easy guidelines for constructing a scalable technique.
