Ukrainian Man Pleads Guilty in US to Conti Ransomware Charges

Oleksii Oleksiyovych Lytvynenko admitted to working on the development of a loader for the Conti gang.

A Ukrainian national pleaded guilty in a US court to his role in the notorious Conti ransomware group, the Department of Justice announced.

The man, Oleksii Oleksiyovych Lytvynenko, 44, of Cork, Ireland, was arrested in Ireland in 2023 and was extradited to the US in October 2025 to face Conti-related charges.

Lytvynenko admitted in court to joining the Conti operation in September 2021 and working on the development of a malware loader for the group. He also admitted to possessing data from 12 victims, including eight in the US.

Authorities in the US believe that the Ukrainian national continued to engage in cybercriminal activities after the Conti operation shut down.

Lytvynenko pleaded guilty to wire fraud conspiracy and faces up to 20 years in prison. He is scheduled for sentencing on September 10, 2026.

One of the most prolific ransomware groups half a decade ago, Conti was used in attacks against over 1,000 organizations in the US and abroad between 2020 and 2022.

The ransomware gang is estimated to have received at least $150 million in ransom payments by January 2022, and was shut down in May 2022 after it pledged support for the Russian government, which led to internal data being leaked.

The Conti operation was linked to numerous other malware families, including TrickBot, which was also associated with Bazarloader, SystemBC, IcedID, Ryuk, and Diavol. In June 2025, the German authorities named Russian national Vitaly Nikolaevich Kovalev as the TrickBot gang’s founder and leader.

“Lytvynenko’s guilty plea is a significant step toward holding cyber criminals accountable for the damage they inflict on victims worldwide. Lytvynenko profited from fear and coercion, conspiring to use Conti ransomware to extort victims and steal their data,” Assistant Director Brett Leatherman of the FBI’s Cyber Division said.

Copyright © 2026 SecurityWeek ®, a Wired Business Media Publication. All Rights Reserved.
