top of page
Search

Ukrainian National Pleads Guilty to Nefilim Ransomware Attacks

  • Dec 19, 2025
  • 2 min read

Key Findings:


  • Artem Aleksandrovych Stryzhak, a 35-year-old Ukrainian national, pleaded guilty to multiple crimes stemming from his involvement in a string of ransomware attacks targeting U.S. and Europe-based organizations from mid 2018 to late 2021.

  • Stryzhak faces up to 10 years in jail for conspiracy to commit fraud, including extortion.

  • Authorities are still looking for Stryzhak's alleged co-conspirator Volodymyr Tymoshchuk and announced a $11 million reward for information leading to his arrest or conviction.

  • The Nefilim ransomware attacks caused millions of dollars in losses from extortion payments and damage to victim networks.


Background


Stryzhak was arrested in Spain in June 2024 and extradited to the United States in April. Officials accuse his alleged co-conspirator Tymoshchuk of acting as an administrator of the Nefilim ransomware group and describe him as a serial cybercriminal associated with multiple ransomware strains.


Ransomware Attacks


  • Stryzhak and his co-conspirators allegedly customized executable ransomware files for each victim, creating unique decryption keys and unique ransom notes.

  • The ransomware group primarily targeted companies located in the United States, Canada and Australia with more than $100 million in annual revenue, and extorted victims by threatening to publish stolen data.

  • Stryzhak's victims in the U.S. include an engineering consulting company, an aviation industry company, a chemical company, an insurance company, a construction company, a pet care company, an eyewear company and an oil and gas transportation company.

  • Stryzhak and his co-conspirators also used Nefilim ransomware to encrypt victim networks in Germany, the Netherlands, Norway and Switzerland.


Criminal Charges and Sentencing


  • Stryzhak pleaded guilty to conspiracy to commit fraud, including extortion.

  • He faces up to 10 years in jail for his crimes.

  • Authorities are offering an $11 million reward for information on Stryzhak's alleged co-conspirator Volodymyr Tymoshchuk, who remains at large.


Sources


  • https://cyberscoop.com/nefilim-ransomware-artem-stryzhak-guilty-plea/

  • https://cyberscoop.com/incident-responders-plead-guilty-ransomware-digitalmint/

  • https://www.justice.gov/opa/pr/ukrainian-national-pleads-guilty-conspiracy-use-nefilim-ransomware-attack-companies-united

  • https://brooklyneagle.com/357303/ukrainian-stryzhak-pleads-guilty-to-mass-ransomware-attacks-11m-reward-for-partner-in-crime/

  • https://x.com/DOJCrimDiv/status/2002140661634457800

  • https://www.justice.gov/usao-edny/pr/ukrainian-national-pleads-guilty-conspiracy-use-ransomware-0

Recent Posts

See All
Defeating AI with AI

Key Findings Generative AI and agentic AI are increasingly used by threat actors to conduct faster and more targeted attacks. One capability that AI improves for threat actors is the ability to profil

 
 
 

Comments

  • Youtube

© 2025 by Explain IT Again. Powered and secured by Wix

bottom of page