The U.S. has charged Ukrainian national Volodymyr Tymoshchuk for his role in the LockerGoga, MegaCortex, and Nefilim ransomware attacks that targeted over 250 American companies and hundreds more worldwide. The State Department is offering a $10 million reward for information leading to his arrest.
Australia has gone all-in on quantum, betting billions on PsiQuantum’s Brisbane facility while building alliances and spin-outs from Sydney to Chicago. With defence contracts, investor momentum and Five Eyes strategy at stake, Canberra’s gamble is to lead, not follow, in the quantum race.
A software misconfiguration in a Texas government online grant system has exposed the personal data of over 44,000 natural disaster victims. The breach, discovered in late July, revealed names, Social Security numbers, and financial information, highlighting ongoing security gaps in state systems.
The U.S. has charged Ukrainian national Volodymyr Tymoshchuk for his role in the LockerGoga, MegaCortex, and Nefilim ransomware attacks that targeted over 250 American companies and hundreds more worldwide. The State Department is offering a $10 million reward for information leading to his arrest.
Cyber News Centre's cyber update for 16th September 2025: The United States has indicted Ukrainian national Volodymyr Viktorovich Tymoshchuk, known online as "deadforz," for allegedly administering the LockerGoga, MegaCortex and Nefilim ransomware groups. The indictment outlines attacks on hundreds of organisations worldwide, including more than 250 in the United States, with damages running into the tens of millions.
The Update: Unsealed on 9 September 2025, the indictment details how Tymoshchuk oversaw ransomware campaigns between December 2018 and October 2021. The operations caused widespread disruption, extorting businesses through ransom demands and leaving many organisations with costly recovery bills.
“Volodymyr Tymoshchuk is charged for his role in ransomware schemes that extorted more than 250 companies across the United States and hundreds more around the world,” said Acting Assistant Attorney General Matthew R. Galeotti. “In some instances, these attacks resulted in the complete disruption of business operations until encrypted data could be recovered or restored. This prosecution and today’s rewards announcement reflects our determination to protect businesses from digital sabotage and extortion and to relentlessly pursue the criminals responsible, no matter where they are located.”
FBI assistant director Christopher Raia added: “Tymoshchuk repeatedly used ransomware attacks to target hundreds of companies in the United States and around the globe in attempts to extort victims. Today’s announcement should serve as a warning, cyber criminals may believe they act with impunity while conducting harmful cyber intrusions, but law enforcement is onto you and will hold you accountable. The FBI along with our law enforcement partners will continue to scour the globe to bring to justice any individual attempting to use the anonymity of the internet to commit crime.”
International cooperation previously led to the extradition of a co-conspirator from Spain in 2024, with European authorities playing a key role in related actions. Decryption keys for LockerGoga and MegaCortex were released in September 2022, helping victims recover data. Tymoshchuk remains a fugitive and faces charges including conspiracy to commit computer fraud, conspiracy to damage protected computers and transmitting ransom demands. The State Department is offering up to $10 million for information leading to his arrest, with an additional $1 million reward for tips on other group leaders.
Why it Matters: This case highlights the persistent threat of organised ransomware syndicates and the global collaboration needed to disrupt them. By targeting an administrator rather than just affiliates, U.S. authorities are striking at the leadership structures that sustain these operations. The inclusion of Nefilim in the indictment confirms links between major ransomware variants.
The State Department’s $10 million reward underscores the case’s seriousness, though extradition from Ukraine remains uncertain amid the country’s ongoing conflict. For businesses, the case is a reminder that ransomware can cause crippling operational disruption and financial loss, and that prevention and resilience remain essential despite law enforcement wins.
Get the stories that matter to you.
Subscribe to Cyber News Centre and update your preferences to follow our Daily 4min Cyber Update, Innovative AI Startups, The AI Diplomat series, or the main Cyber News Centre newsletter — featuring in-depth analysis on major cyber incidents, tech breakthroughs, global policy, and AI developments.
A software misconfiguration in a Texas government online grant system has exposed the personal data of over 44,000 natural disaster victims. The breach, discovered in late July, revealed names, Social Security numbers, and financial information, highlighting ongoing security gaps in state systems.
Cornwell Quality Tools has confirmed a major ransomware attack by the Cactus group, exposing the personal and medical information of over 100,000 individuals. The breach, which occurred in December 2024, highlights the persistent threat of ransomware to the manufacturing sector.
Streaming media giant Plex has confirmed a significant data breach, exposing user emails, usernames, and hashed passwords. The company is urging all users to reset their passwords immediately and enable two-factor authentication to secure their accounts.
Cybersecurity firm Tenable has confirmed it was a victim of a major supply chain attack that compromised customer data. The breach originated from a third-party vendor, Salesloft Drift, and has impacted more than 700 organisations.
Where cybersecurity meets innovation, the CNC team delivers AI and tech breakthroughs for our digital future. We analyze incidents, data, and insights to keep you informed, secure, and ahead. Sign up for free!
